Your new company
The Pensions Regulator (TPR) is responsible for protecting workplace pensions in the UK. We work with employers and those running pensions to help people save safely for their retirement. We have a fantastic office located in the heart of Brighton that is a short distance from the train station, shops and the sea. We put our 800+ employees first by supporting flexible working and offering a diverse, lively and inclusive environment. This includes LGBT+ Network (PROUD), Women’s Network, BAME Network (ME), and a Disability Network, which offer supportive spaces to connect. We are committed to making TPR a great place to work. We do all we can to support our people reach their full potential with training, secondment and development opportunities.

Your new role
We’re looking for an IT Security Analyst that will:

• Work with our internal security tools and outsourced SOC to investigate security alerts and provide incident response duties across end user devices, IaaS environments and physical infrastructure.
• Ensure security measures and software to protect systems is operational and effective.
• Identify potential configuration weaknesses & vulnerabilities and work with IT colleagues to implement remediation measures in line with IT operational procedures.
• Work with IT Security Manager to help assess proposed changes to controls against best practice and organisational risk appetite.
• Provide a point of contact for end-user and IT enquiries relating to IT Security matters.

In return we will:

• Help you work towards becoming a Microsoft Certified Security Operations Analyst Associate.
• Provide opportunities for progression throughout the organisation.
• Give exposure to a broad range of information security and risk disciplines and experience.

You will be

• Be responsible for managing all cyber security incidents raised by the Service Desk, SOC, or any security tools and ensuring all incident information is captured.
• Produce risk assessments for any ongoing threats or vulnerabilities which may exist post-incident.
• Monitor security tools for effectiveness and suggest any remedial action necessary to maintain their effectiveness.
• Maintain visibility of monthly security patching and ensure any exceptions are captured.
• Ensure new TPR assets are accurately captured in monthly scans and maintain applicable security services information in designated repository.
• Creating and maintaining information security operational runbooks.
• Taking part in security testing and liaising with other IT teams for resources where required.
• Assist with the production and maintenance of IT Security policies, processes and procedures

What you'll need to succeed
Essential:

• Previous experience in Cyber Security incident response, or similar IT background.
• In depth knowledge of networking and network security technologies such as Firewalls, IDS/IPS, Proxies, Content & Email Filtering, Application security, SIEM and Log monitoring/management.
• Good knowledge of Microsoft’s suite of cloud technologies and security tools
• Good knowledge of Security & Governance best practice.
• Understanding of compliance requirements such as ISO27001.
• Able to work under own initiative, with minimal supervision.
• Strong relationship management with technical teams.
• Experience with using vulnerability assessment tools.
• Ability to solve security-related technical problems and implement innovative solutions
• Manage root cause analysis reviews, ensuring improvement plans are documented and managed through to completion
• Able to review output from security tools to build an analytical picture of a security incident.
• Excellent analytical skills; the ability to view a problem from different angles
• Proven ability to provide technical advice, leadership, and direction to more junior IT Staff
• Strong in risk and issue management to enable IT security and other IT teams to work symbiotically.
• Apply a continuous improvement process, learning from completed work where to improve efficiency and the value of the IT security function.
• Able to build effective relationships and manage internal and external stakeholder.

Desirable:

• Understanding of compliance requirements such as ISO27001.
• Experience with using and integrating vulnerability assessment tools in a cloud environment
• Microsoft Cloud Security qualification

• Demonstrable passion for Information Security

• Keenness to learn

• Problem solving and analytical skills
• Proactive and flexible
• Attention to detail and accuracy
• Excellent customer service
• Can do approach

What you'll get in return
As well as a salary between £34,694 and £46,056, we offer:

• Civil Service Pension arrangements, which are recognized as some of the best in the pensions world
• discretionary bonus arrangements
• access to performance related pay progression
• 25 days annual leave provision
• flexible working arrangements
• development opportunities
• enhanced parental leave arrangements
• a free employee assistance programme
• an excellent office location in Brighton.

What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.