Mercury is the European leader in construction solutions.
We build and manage complex engineering & construction projects for the world's leading corporations. Our solutions help deliver technologies and life changing advancements that connect people, communities, and businesses, giving them the power to achieve incredible things. Our people have the courage to be innovative. Their determination and sharp focus enable us to deliver with certainty, time and time again.
We deliver our clients' visions through leading edge construction solutions across multiple sectors, including Enterprise Data Centres, Advanced Technology & Life Sciences, Hyperscale Data Centres, Fire Protection.
At Mercury, it is our duty to encourage and back our people to realise their vision of themselves. We place them at the heart of what we do, providing challenging opportunities to develop within a great team in a supportive environment that allows them to reach their full potential.
Scope of the Role:
We are seeking a highly skilled and experienced IT Security Analyst who will respond to and investigate cyber threats within Mercury's enterprise environment using various top tier security tool and services. The role requires working closely with external managed SOC provider and internal IT Infrastructure team. As part this role you will be required also to promote positive cybersecurity culture within the company and be involved in cybersecurity awareness training campaigns. The role requires also contribution to and active development of ISO27001:2022 certified ISMS programme.
Responsibilities of the Role:
* Managing Security Incidents in ServiceNow and other platforms
* Investigating all informational and minor level security incidents
* Supporting ISMS programme (SOA, SOPs, Procedures)
* Engaging with end users flagged by security monitoring tools
* Working closely with Managed Security Service Provider on triaging security incidents.
* Addressing vulnerabilities on end user devices (Windows and Mobile)
* Escalating Major and Critical severity incident to Security Ops Investigators / Sys Admins
* Monitoring engagement and contributing to Cybersecurity Awareness and Training programmes (including selecting and developing security awareness content)
* Hosting security training webinars and workshops for end users
* Analysing output from various UBA tools
* Investigate and advise on end user concerns surrounding phishing and other cyber activities
* Adhering to and improving security protocols
* Following common security frameworks (e.g., ISO27001, NIST)
* Addressing information security non-conformance reports
* Coordinating phishing simulations
* Facilitate security workshops
* Participate in policy review as required
Key Skills:
Technical skills
* 1-3 years' experience as a Security Analyst or equivalent knowledge
* Knowledge of various security methodologies and processes, and technical security solutions (SIEM, IDS/IPS, Firewall Solutions, Offensive Security tools)
* Experience with enterprise level Endpoint Security / EDR solutions (e.g., CrowdStrike, Carbon Black, Defender for Endpoints)
* Working knowledge of ISO27001 framework
* Familiar with vulnerability management process and common enterprise VM platforms (e.g., Qualys, Rapid7, Tenable,)
* Experience with Microsoft Identity Services and relevant Security Tools (Entra ID, Conditional Access, Microsoft Defender, Identity Protection, PIM)
* Experience with enterprise level email security tools (e.g., Mimecast, Proofpoint, Abnormal)
* Experience with various MFA protocols
* Knowledge of TCP/IP Protocols, network analysis, and network/security applications
* Familiarity with web security / SASE / SSE platforms (e.g., Netskope, ZScaler)
* Basic experience with standard log analytics tools (e.g., KQL)
Personal skills
* Problem solving – to take structured approach to problems
* Ability to manage and prioritize own tasks
* Proven interpersonal skills
* Willing to constantly improve qualifications
* Full Driving Licence
Education (Desired Skills)
* CompTIA Security+ / CySA+
* CEH
* CompTIA Network+ / CCNA
* CompTIA PenTest+
* MS-500 / AZ-500
* BA/MSc in computer science or in related field.
Mercury is an equal opportunities employer