Data Security Analyst - SC Cleared at Cabinet Office, Manchester/Remote, 6 Months, £Contract Rate

  • Contract Spy
  • Hybrid (Manchester, UK)
  • Jul 10, 2024
6 Months or more

Contract Description


Data Security Analyst – (Data Loss Prevention)

Inside IR35

Contract Term: 6 months

Contracting Authority: Cabinet Office

Location: Hybrid - Bristol, Manchester, London or Glasgow

SC Clearance is an essential requirement for this role; as a minimum, you must be eligible and willing to undergo these checks.

Do you specialise in Data Loss Prevention within Cyber Security? If so, this opportunity within the Cabinet Office is for you.

The Cabinet Office supports the Prime Minister and ensures the effective running of government. The Cabinet Office is also the corporate headquarters for the government, in partnership with HM Treasury, and takes the lead in certain critical policy areas.

As a Data Security Analyst, your main responsibilities will be to

This role is within Cyber Defence, which delivers cyber threat intelligence, threat detection, incident response and vulnerability management capabilities for the Cabinet Office and is responsible for defending both internal IT infrastructure and citizen-facing services. As a data security analyst, you’ll focus on the investigation of, and response to, data security incidents, and will:

  • Triage and investigate data security alerts (including from our email, productivity, network, and endpoint tools)
  • Use a variety of techniques to analyse systems, network traffic and cloud environments and understand the nature and extent of possible data security incidents.
  • Support the response to data security incidents by identifying and implementing (or supporting the implementation of) containment, eradication and recovery actions
  • Support the response to data security incidents by engaging and collaborating with Data Protection, Security, and wider Corporate Services functions
  • Support the coordination of data security incidents
  • Contribute to post-incident reviews to identify lessons and actions
  • Identify opportunities for, and support the delivery of, continual improvements to the data security capability.
  • Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities.
  • Contribute to internal plans, playbooks and knowledge base articles.
  • Act as an escalation point for, and provide coaching and mentoring to, associate security analysts.
  • Incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join.

You’ll have:

  • Experience investigating and responding to data security incidents.
  • Experience implementing or operating Data Loss Prevention (DLP) capabilities.
  • Experience using security tools (e.g., EDR, SIEM) to support the investigation of, and response to, data security incidents.
  • Broader experience working in cyber operations.

It’s desirable, but not essential, that you have:

  • Experience with Splunk
  • Experience with Google Workspace
  • Experience with Palo Alto Networks firewalls
  • Experience working in an Agile environment.
  • Experience with cloud environments such as AWS