PASOTA Cyber Security is looking for a skilled and proactive Senior Infra Security Consultant to join our team in London. The ideal candidate will be responsible for managing security incidents, enhancing security policies, and identifying potential security risks. This role involves a hands-on approach to maintaining and improving the company’s cybersecurity resilience.

REQUIRED SKILLS:

• Enterprise Environment Experience: Hands-on experience in security and/or infrastructure within an enterprise environment.
• Information Security Standards: Exposure to enterprise information security standards, including Cyber Essentials, ISO 27001, 27002, Data Protection Act, and GDPR.
• Microsoft O365 Security Solutions: Knowledge of Microsoft O365 security solutions, networking, security operations, and vulnerability management.
• Security Auditing: Experience in security auditing.
• Vulnerability Scanning: Good understanding of security testing principles, including experience with vulnerability scanning, identifying, resolving, and reporting risks.
• Document Creation: Experience in formal document creation, such as reports or procedures.
• Threat Intelligence: Knowledge of threat intelligence analysis and best practices.
• Incident Response: Familiarity with security incident response processes, procedures, and best practices.
• Disaster Recovery: Understanding of disaster recovery and business continuity principles.
• Event and Log Analysis: Experience in event and log analysis.

• Security Incident Management: Assist with security incident management and response activities.
• Security Alerts: Provide day-to-day support on managing and responding to security alerts from systems and end users.
• Security Checks: Perform daily, weekly, and monthly security checks, reconciliation, and compliance checks; investigate exceptions.
• Risk Awareness: Identify and raise awareness of security risks.
• Policy Development: Develop and enhance security policies, processes, procedures, and technical controls to strengthen security capabilities.
• Risk Mitigation: Proactively identify security risks and opportunities to strengthen resilience to cyber-attacks and security incidents.
• System Design: Participate in the design and implementation of systems and applications.
• Training Guides: Develop user and technical training guides.
• Risk Register: Maintain and manage the IT Risk register.
• Disaster Recovery Testing: Test disaster recovery (DR) plans and capabilities, identify gaps and lessons learned, and work with the business to drive continual development and enhancement.