Cyber Security Analyst

The Economist Group is the leading source of analysis on international business and world affairs. We deliver world-class, thought-provoking content through a range of formats, from web and app to newspapers and magazines, conferences, film and audio. What ties us together is the objectivity of our opinion, the originality of our insight and our advocacy of economic and political freedom around the world.

With a growing global subscriber base and a reputation for insightful analysis and opinion on every aspect of world events, The Economist is one of the most widely recognised and well-read current affairs publications and the foundation of our digital consumer product portfolio.

The Cyber Security Analyst is a member of the Information Security team and the job holder is responsible for establishing, implementing, monitoring, reviewing and improving a suitable set of controls to protect our information assets and ensure the business objectives of the organisation.

• Collaborate with our Managed Detection Response (MDR) provider to assess and respond to security threats against our customer-facing and staff-facing platforms and services and drive continuous improvement of our capabilities.
• Deliver security awareness training as required and ensure all staff are properly equipped with the knowledge to defend our Group from phishing, social engineering attacks and other common cyber threats
• Respond to security-related queries from all parts of the Group, tailoring your response and advice depending on the scenario 
• Assist in application security testing activities and ensure that testing results are communicated effectively to stakeholders and remediation is properly prioritised
• Identify and communicate at all levels (evangelising) relevant security threats to the Group’s application platforms
• Enhance the overall posture in application security and drive cultural change in a collaborative manner
• Participate in incident response, from discovery through to recovery, lessons learned and remediation
• Conduct third-party risk assessments
• Ensure our business operations are compliant with relevant security standards and regulations such as PCI DSS SAQ-A

• Experience working in a Service Desk or other IT department
• Excellent knowledge of computer systems, software and hardware
• Excellent, demonstrable, customer service skills
• Excellent presentation skills
• Excellent communication (spoken and written) and interpersonal skills
• Organised, analytical, practical – good attention to detail
• Good influencing skills. Able to deal with all levels of the organisation.
• Able to take the initiative. Positive ‘can do’ attitude and a determination to succeed
• Diligent, able to work to deadlines while managing multiple priorities
• Inquisitive, able to solve problems and come up with solutions
• Curious, innovative, willing to challenge conventional approaches and test new ones

In addition, the following would be desirable but not essential

• Security-related certification such as CISSP, CISM, CEH or OSCP
• International work experience desirable
• Experience in the media and entertainment or another lightly regulated industry
• Experience with risk management, compliance, audit, business continuity or finance 
• Demonstrable experience of security incident response