Information Security Analyst at Pico

Pico is seeking an Information Security Analyst to join their security operations team in Belfast. The Information Security Analyst will be responsible for understanding and providing appropriate surveillance for the critical cyber threats to Pico’s Information Systems. They will participate in the development and implementation of security policies and procedures, leverage Network Monitoring, Logging and Security Incident Event Management (SIEM) systems to produce alerts, audit data and reporting to detect suspicious activity and will analyze the threat data to help the Information Security team to determine what response is appropriate.Responsibilities include monitoring, investigating, and reporting security incidents, performing penetration tests and vulnerability assessments, and collaborating with the Incident Response team. The Information Security Analyst will also assist in creating security reports and documentation, supporting audit activities and compliance requirements.

• Monitoring, investigation and reporting of security incidents.
• Coordinate and perform internal as well as external penetration tests, application as well as network vulnerability assessment scans, and security risk assessment reviews.
• Monitor, evaluate, and advise on information security issues related to systems, data, network, and workflow to ensure security controls are appropriate and operating as intended.
• Analyze identified threats or vulnerabilities and assess the associated risk based on the current threat landscape.
• Collaborate with the Incident Response team to address security incidents, performing triage, containment, and post-incident analysis.
• Assist in the creation of security reports and documentation, supporting audit activities and compliance requirements.

• 3+ years of experience in information security (network, application and systems) or related technology experience required, experience in the securities or financial services industry is preferred.
• Strong knowledge of technology and security controls related to the detection, analysis, containment, eradication, and recovery from cyber security incidents.
• Knowledge of Windows and Linux systems, Active Directory Architecture, EDR, data governance, vulnerability management, SIEM systems, and Information Security compliance and standards.
• Security certifications such as CompTIA Security+, CISSP, or equivalent are preferred.

• Hybrid work arrangement with time in the office and flexibility to work from home.