Cybersecurity Analyst
Job description
A highly skilled analyst to help the client deliver world-class cyber resilience, safeguarding their organization and clients in an ever-evolving digital landscape.
Outcomes of the project.
- Design a comprehensive High-Level Solution Design and develop a robust Data Model to inform security strategy.
- Calculate essential metrics that culminate in five Key Performance Indicators (KPIs), providing critical insights into security performance.
- Directly influence the Cyber Resilience Index (CRI), a vital measure of the client's security posture, by optimizing and analyzing weighted security capabilities.
About the role
As a Data-Driven Cyber Security Analyst you are responsible for driving the implementation of an advanced, data-driven analytic framework, setting the standard for identifying and visualizing security gaps. Your expertise will empower the Cyber Defence unit to make smarter, more informed decisions on how and where to strengthen the bank's cyber resilience.
You will:
- Innovate Threat Models to anticipate future risks.
- Build smarter metrics for measuring security efficacy.
- Deliver actionable, evidence-based insights that directly enhance security.
- Drive high-impact security initiatives.
- Empower stakeholders with clear, data-driven performance views.
- Collaborate for success within a dynamic, multi-disciplinary team.
Responsibilities
Your core function is to leverage metrics and generate actionable insights to not only uncover vulnerabilities but also transform data into impactful, evidence-based solutions. You will ensure that the organization's time, budget, and efforts are invested strategically, delivering measurable improvements to the cybersecurity posture and raising the value delivered by Cyber Defence. The team follows a structured, standardized approach, ensuring clarity and consistency at every stage of the process.
Requirements
- Must-Have Expertise:
  - 5+ years in cybersecurity, with a strong focus on data science.
  - Certifications such as CISSP, GIAC/SANS (e.g., GDSA, GICSP).
  - Deep familiarity with MITRE ATT&CK, D3FEND, CAPEC, CVE/CVSS, NIST, CIS Benchmarks and Microsoft Security Benchmark.
  - Demonstrable knowledge of how modern EDR/XDR suites work, with the ability to evaluate the efficacy of controls and telemetry coverage (including the Microsoft Defender stack, Azure services, and network-security fundamentals).
- Nice-to-Haves:
  - Hands-on experience with PowerBI, Databricks, and Detection Engineering tools.
  - Experience with quantitative analysis & statistics, including statistical methods, confidence intervals, Monte-Carlo & Bayesian approaches.
  - Proficiency in data tooling: Python (data/ML stack), SQL and KQL. Able to wrangle large and dynamic data sets.
  - Familiarity with conceptual languages like ArchiMate.
Profile
- A strategic thinker who can translate complex data into clear, concise, and precise documentation, ensuring seamless communication and traceability of results.
- An innovator with a "Think big, but start small!" mindset, focused on combining forward-thinking ideas with data-driven execution.