Lead IT Security Analyst

WHO ARE WE?

WE ARE A WORLD LEADER IN ENGINEERING AND IT SERVICES.

At ALTEN, we see our specialists as architects – today’s designers of tomorrow’s world. As a leader in Engineering and IT Services, we support companies in their technological and sustainable transformation.

OVER 57,400 EMPLOYEES IN 30+ COUNTRIES, TO SUPPORT MORE THAN 6,500 CLIENTS WORLDWIDE.

We operate in all sectors: Aeronautics, Space, Defence, Security & Naval, Automotive, Rail & Mobility, Energy & Environment, Life Sciences & Health, Industrial Equipment & Electronics, Telecoms, Banking, Finance & Insurance, Retail, Services & Medias, Public Services & Government.

We carry out complex and highly technical projects throughout the value chain of the most prestigious companies worldwide.

Our motto: Building Tomorrow’s World Today!

• Typically educated to degree level or equivalent (ideally within IT security)
• 3+ year experience on consultancy and support to application teams including security scanning tool onboarding, scanning eligibility and exceptions etc.
• Experience using enterprise security scanning tooling will be an advantage.
• Hands-on DAST experience.
• Experience using Invicti would be an added advantage.
• Knowledge and understanding of common authentication mechanisms for websites and APIs.
• Understanding of common technologies, protocols and architectures that are commonly used by web applications and APIs. (HTML, XML, JavaScript, JSON, REST, Microservices etc.)
• Development and scripting experience (JavaScript, Python)
• Experience configuring and review automated DAST scan configurations.
• Strong understanding of Software Development Life Cycle (SDLC) with a focus on Cybersecurity.
• The ability to understand, troubleshoot and solve complex problems.
• Excellent stakeholder management and communication skills.

• Ensure adherence to the three lines of defence organisational model with clear lines of responsibility, accountability, and segregation of duties.
• Ensure compliance with internal audit and external regulators that any organisational changes are fit for purpose and meet their expectations.
• Analyse and execute activities to ensure compliance with Cybersecurity policies and standards.
• Contribute to process, procedures and tool identification/development that will strength the bank’s response to threats and incidents.
• Assess new technology products and projects utilising security technologies pertinent to the department.
• Act as a role model to more junior members of the team.
• Engagement with other Cybersecurity teams, senior management and members of the Business when confronted with potential security issues.
• Expand their skills, knowledge, and experience to enhance the overall capability of the function.
• Review and analyse DAST (Dynamic Automated Security Testing) scanning results and connect with application teams improve scan quality where required.
• Liaise with application teams to onboard and set up website and API scan configurations for automated scanning.
• Drive continual improvement in DAST security scanning product efficacy, coverage, and quality.
• Support internal DAST users via service desk tickets as required.