Information Security Analyst (City of London)

The Company:

NorthMark Strategies is a leading investment firm, combining capital, innovation, and engineering to drive long-term value. From operating complex businesses to backing breakthrough technologies, our mission is to build enduring businesses. Our team combines intelligent risk-taking, operational excellence, exceptional talent, and world-class computing capacity to create shareholder value.

Our company offers a dynamic environment where individuals have the freedom to lead companies toward bold achievements by embracing innovation, leveraging technology, and fostering differentiated business strategies. Our values are Integrity, Ability, and Energy, and the company aims to hire individuals who possess those qualities.

At NorthMark Strategies, we believe the future isn’t something to hope for, it’s something to build. We don’t just invest, we create. Bringing together strategic insight and technical horsepower to deliver outcomes that endure.

The Position

The IT Security team is responsible for the oversight and execution of a “cloud-first” Cyber Defense, Business Continuity and Risk Management programs to support our business goals. This includes, but is not limited to security operations, vulnerability and patch management, incident response, disaster recovery, business continuity, risk identification and mitigation planning / implementation, identity management, network security, privacy, and compliance.

In the Cyber Defense Security Analyst role, you will be working to help build and maintain security programs at a rapidly growing investment company as well as its associated holdings. You will report to the Manager, Cyber Defense Operations and will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents and executing strategies to detect and deter insider threats. This position will serve as a project member on multiple projects simultaneously and will interact regularly with technical subject matter experts.

The ideal candidate will hold a Bachelor of Science degree in Information/Cyber Security or applicable field and have at least 3+ years of experience in a Security or Technology role. The candidate must possess a strong understanding of the role of Information Security Policies and Standards and a proficient understanding of the Microsoft 365 / Azure platforms/ AWS

Responsibilities:

• Monitor security event logs and alerts generated by various security technologies, including SIEM, IDS/IPS, firewalls, and endpoint protection systems.
• Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations.
• Identify, analyze, and assess potential insider threats through behavioral analytics, log review, and threat intelligence.
• Maintain and improve SOC processes and procedures, staying current with the latest security trends and technologies.
• Assist in developing strategies to handle security incidents and coordinate responses to insider threats.
• Support the development and implementation of use cases, detection rules, and playbooks.
• Perform threat hunting activities to proactively identify threats within the environment.
• Continuously review and refine insider risk policies to ensure they are effective and up to date.
• Develop and implement automated processes for monitoring and enforcing insider risk policies.
• Participation in security root cause analysis and forensics as part of NorthMark Strategies’ Cyber Incident Response Plan.
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
• Stay up to date with relevant vulnerabilities, threat actors, indicators of compromise (IOCs) tactics, techniques, and procedures (TTPs), and trends, identifying actionable areas of interest and threats.

Requirements and Qualifications

• At least 3 years of experience in a SOC analyst role or similar cybersecurity position.
• Bachelors of Science in Information/Cyber Security or a related field (or equivalent work experience)
• Proficiency in Microsoft 365 security tools and collaboration technologies.
• Proficiency in Cloud Computing Service security (Azure & AWS).
• Proficiency in security tools and technologies for monitoring insider threats
• Experience threat hunting in Microsoft 365 environments to identify insider risk threats.
• Strong understanding of insider threat principles and programs
• Previous experience in an incident response or DFIR role a strong plus.
• Interpersonal and collaborative skills and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
• Innovative, creative, curious, and passionate about Information Security and Technology.
• High degree of initiative, dependability, and ability to work with little supervision.
• Ability to formulate a clear and actionable plan and execute against it.