3rd Line Security Analyst

JobTitle Level3SecurityAnalystIncidentResponse&VulnerabilityManagement

Department ServiceDelivery/Security

ReportingTo SecurityLead/ServiceDeliveryManager

OperatesunderthedirectionoftheIncidentManagerduringsecurityincidents

Location UK(Hybrid)OfficeinCardiff1-2daysperweek,regularclientsitetravel.

WorkingPattern MondaytoFridaywithparticipationintheon-callSecurityandMajorIncidentrotaasrequired

RolePurpose

TheLevel3SecurityAnalystisresponsibleforthetechnicalinvestigation,containment,remediation,andresolutionofITsecurityincidentsandvulnerabilitiesacrossacomplex,multi-sitecustomerestatesupportedbytheMSP.

Theroleactsasaseniortechnicalauthorityforsecurityincidents,workingalongsideIncidentManagement,Infrastructure,Network,andApplicationteamstoensuresecurityissuesareresolvedend-to-end,correctlydocumented,anddonotreoccur.

KeyAccountabilitiesSecurityIncidentInvestigation&Response

Actasthetechnicalleadfortheinvestigationofsecurityincidentsacrosssupportedplatforms.

Investigatemalware,ransomware,accountcompromise,unauthorisedaccess,suspiciousactivity,andsecuritymisconfiguration.

Performdetailedrootcauseanalysisacrossendpoint,identity,network,andapplicationlayers.

AdvisetheIncidentManageronincidentscope,impact,containment,eradicationstrategy,andrecoveryvalidation.