IT Security Analyst

Mercury is the European leader in construction solutions. We build and manage complex engineering & construction projects for the world’s leading corporations. Our solutions help deliver technologies and life changing advancements that connect people, communities, and businesses, giving them the power to achieve incredible things. Our people have the courage to be innovative. Their determination and sharp focus enable us to deliver with certainty, time and time again.We deliver our clients’ visions through leading edge construction solutions across multiple sectors, including Enterprise Data Centres, Advanced Technology & Life Sciences, Hyperscale Data Centres, Fire Protection.At Mercury, it is our duty to encourage and back our people to realise their vision of themselves. We place them at the heart of what we do, providing challenging opportunities to develop within a great team in a supportive environment that allows them to reach their full potential.Scope Of The RoleWe are seeking a highly skilled and experienced IT Security Analyst who will respond to and investigate cyber threats within Mercury’s enterprise environment using various top tier security tool and services. The role requires working closely with external managed SOC provider and internal IT Infrastructure team. As part this role you will be required also to promote positive cybersecurity culture within the company and be involved in cybersecurity awareness training campaigns. The role requires also contribution to and active development of ISO27001:2022 certified ISMS programme.Responsibilities Of The RoleManaging Security Incidents in ServiceNow and other platformsInvestigating all informational and minor level security incidentsSupporting ISMS programme (SOA, SOPs, Procedures)Engaging with end users flagged by security monitoring toolsWorking closely with Managed Security Service Provider on triaging security incidents.Addressing vulnerabilities on end user devices (Windows and Mobile)Escalating Major and Critical severity incident to Security Ops Investigators / Sys AdminsMonitoring engagement and contributing to Cybersecurity Awareness and Training programmes (including selecting and developing security awareness content)Hosting security training webinars and workshops for end usersAnalysing output from various UBA toolsInvestigate and advise on end user concerns surrounding phishing and other cyber activitiesAdhering to and improving security protocolsFollowing common security frameworks (e.g., ISO27001, NIST)Addressing information security non-conformance reportsCoordinating phishing simulationsFacilitate security workshopsParticipate in policy review as requiredKey SkillsTechnical Skills1-3 years' experience as a Security Analyst or equivalent knowledgeKnowledge of various security methodologies and processes, and technical security solutions (SIEM, IDS/IPS, Firewall Solutions, Offensive Security tools)Experience with enterprise level Endpoint Security / EDR solutions (e.g., CrowdStrike, Carbon Black, Defender for Endpoints)Working knowledge of ISO27001 frameworkFamiliar with vulnerability management process and common enterprise VM platforms (e.g., Qualys, Rapid7, Tenable,)Experience with Microsoft Identity Services and relevant Security Tools (Entra ID, Conditional Access, Microsoft Defender, Identity Protection, PIM)Experience with enterprise level email security tools (e.g., Mimecast, Proofpoint, Abnormal)Experience with various MFA protocolsKnowledge of TCP/IP Protocols, network analysis, and network/security applicationsFamiliarity with web security / SASE / SSE platforms (e.g., Netskope, ZScaler)Basic experience with standard log analytics tools (e.g., KQL)Personal SkillsProblem solving – to take structured approach to problemsAbility to manage and prioritize own tasksProven interpersonal skillsWilling to constantly improve qualificationsFull Driving LicenseEducation (Desired Skills)CompTIA Security+ / CySA+CEHCompTIA Network+ / CCNACompTIA PenTest+MS-500 / AZ-500BA/MSc in computer science or in related field.Mercury is an equal opportunities employer