Cookies — it's your choice

At Bright Network we use cookies and similar technologies to help deliver you the best possible experience. Some are necessary to help our website work properly and can't be switched off, and some are optional but support Bright Network in building and running the service that we provide to you.

Data we store

You can find out more in our privacy policy at any time by going to the link in our footer.

    1. Home
    2. Graduate Jobs
    3. Consumer, FMCG & Retail
    4. Junior Information Security Analyst Manchester 2021
    Lock Applications for this job are now closed
    Closing soon

    Our vision is to lead the fashion e-commerce market globally, in a way that delivers for our customers, people, suppliers and stakeholders. Our brands operate along the same principles today as when boohoo was founded in 2006: through a test and repeat model that brings the latest trends and fashion inspiration in a matter of weeks to our customers across the world.

    We have developed a unique platform, through years of investment in technology and processes, supply chain relationships and with the know-how of a great team of people. This platform enables us to penetrate markets and expand rapidly, operating multiple brands as we progress with our ambition to lead the online fashion market.

    With the growth of the business boohoo have invested in developing and enhancing its IT security function, this has given rise for the creation of the role for a junior security analyst to work within the IT department and dealing with every aspect of security monitoring and testing across all the business areas.

    This is a very exciting opportunity to work for a very progressive company alongside a close knit family of colleagues in a fantastic environment.

    We are in the early stages of creating our security operations centre, and work with a world leading managed security services provider (MssP) partner.

    Responsibilities

    • Day to day monitoring and administration of security controls around tooling solutions and Cloud based systems such as Office 365, AWS, Azure.
    • Day to day monitoring of SIEM, Brand Protection, Vulnerability Scanning, Threat Detection and Intelligence, working in conjunction with partnered MSSP
    • Monitor the boohoo security services to ensure that patching, security controls and mechanisms are operating effectively – investigate issues and escalate to providers where appropriate.
    • Assist in developing, maturing and managing the existing operational processes for run books to be created or automated where possible
    • Assist in delivering security reviews and management metrics to ensure the integrity, confidentiality, and availability.
    • Proposes improvements within the scope of the Security Operations that will lead to automation, standardisation, and consolidation for ease of support and maintenance
    • Create working relationships with business owners to deliver and enhance the service.
    • Takes ownership in obtaining information, evidence and data required to diagnose and resolve complex problems
    • Proactively analyses trends and reports to highlight potential problems, maintain and enhance service.
    • Flexible member of the security operations team to provide knowledge, assistance and advice with other members
    • Maintains awareness of technical and service developments, taking the initiative to extend own knowledge to learn about products, technologies and techniques to deliver enhanced service.
    • Monitoring of events and alerts from multiple technologies to detect potential malicious activity.
    • Responsible for carrying out analysis and triage of Cyber Security events.
    • Taking ownership to identify and assess the appropriate outcome and response to an event.
    • Clear and concise communication and collaboration when responding to events through to remediation.
    • To identify, escalate and debate all risks to the business, by analysing events/metrics and escalation data, identify patterns and trends on high risk controls and proactively suggest, develop and implement enhancements to reduce risk.

    Essential Skills and Competencies

    • Degree in Cybersecurity or relevant qualifications in a related field.
    • Strong knowledge of common operation systems (Windows, Linux, etc.) and endpoint security principles.
    • Demonstrated ability to analysing and correlating information from a variety of enterprise technologies.
    • Hands-on experience with common security technologies (IDS, Firewall, SIEM, etc.).
    • Strong knowledge of common security analysis tools & techniques.
    • Understanding of common security threats, attack vectors, vulnerabilities and exploits.
    • Strong knowledge of common networking services and protocols (TCP/IP, SSH, FTP, DNS, DHCP, SMTP, SSL, etc.).
    • Malware Analysis (Analysis of documents/ malicious binaries/ understanding and interpreting results of Sandbox output)
    • Contain service attacks i.e. lateral movement privilege escalation and APT
    • Network Based Attacks/ Incidents (DDoS/ IDS Alerts)
    • Containment (Understanding of containment of security incidents both at the network and host layer)
    • Good verbal and written communication skills
    • Good analytical and problem solving skills
    • Knowledge using Vulnerability Assessment tools like Nessus, Qualys etc.
    • Good understanding of IT security principles
    • Creation of use cases and Mitre ATT&CK framework

    Desirable Skills and Competencies 

    • Digital Forensics (Basic understanding of key concepts)
    • Experience of common information security management frameworks and standards, such as ISO27K, ITIL, COBIT, PCI-DSS and National Institute of Standards and Technology (NIST
    • Exposure to standards and policies relating to ISO27001/2 controls
    • Experience with Security design testing in accordance with the OWASP security testing methodology
    • Experience with Threat identification and remediation including penetration testing
    • Familiarity with relevant legislation including DPA and GDPR.
    • Exposure to risk assessments of products and services.
    • Exposure to treatment plans for risks and management of risk models.
    • Working towards or have obtained a GIAC, CEH qualification

    What you'll get as at Boohoo

    • Competitive salary based on experience 
    • Bonus  
    • Share Scheme 
    • Contributory Pension 
    • 40% discount across all brands 
    • Subsidised restaurant 
    • The opportunity to work in a company that encourages engagement and growth!