Senior Security Operations Analyst
Posted a month ago
- South East London
- Any
- External
- Expires In 2 months
Our partner are one of the UK's largest insurance companies, offering a wide range of general insurance products across motor, travel, commercial, home, pet and rescue.
They have an exciting opportunity for a Senior Security Operations Analyst to join their re-energised Cyber Defence team! Reporting into the Cyber Defence Security Operations Lead, you will act as the as a secondary contact and escalation point for the team. You'll manage a team of Security Analysts to oversee the day-to-day operational delivery of services provided by our third party 24x7 Security Operations Centre, and will take ownership of our security presence and identify any gaps by working with various stakeholders across the business.
What else you'll be doing :
Maintaining security oversight of the technical infrastructure delivered by third party suppliers and raising concerns/issues that pose a security risk to the organisation accordingly. You will also manage any operational risk remediation to conclusion and take ownership within the team.
Managing development and improvements required for detection engineering and associated technologies.
Responsible for the operational and threat malware analysis for the group.
Providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management.
Responsible for the level 2 / 3 operational Cyber incident response.
Escalating in a timely manner any incidents and anomalies that are detected and providing subject matter expertise and guidance for operational challenges.
Monitoring and responding to emerging threat patterns, vulnerabilities and anomalies and providing escalations of any unknown threats to relevant areas within the company.
Collating metrics on the status of technical information security controls across the estate, highlighting risk areas and working to develop and manage remediation plans as required.
Collaborating with all CISO teams to report appropriate operational issues that may be resolved at an architecture level
What you'll need :
Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over IP (VoIP), firewall zoning.
Ability to read and understand system data including security event logs, system logs, application logs, and device logs, etc.
Knowledge and experience of enterprise grade technologies including operating systems, databases, and web applications.
Knowledge and experience of performing network traffic analysis for identifying any developing patterns.
Ability to assist with knowledge transfer and mentoring/up skilling of junior team members
Security Analysis for CompTIA CySA+ or similar level of certification
It would be beneficial if you have :
Experience with any of the following technologies: Data Loss Prevention, Intrusion
Prevention/Detection Systems, Firewalls, SIEM.
Knowledge of reporting suites such as Power BI
Good understanding of Microsoft security suites and associated qualifications
Threat identification.
Security certifications such as CISM, CISSP, M.Inst.ISP, CISA by a recognised professional body
Technical certifications by a recognised professional body in network or systems engineering
Fundamental Cloud Concepts for AWS.
OWASP Top 10: API Security Playbook.
Operational On-Call Requirement
This role has a shared, rotational 24/7 on-call requirement and forms part of information security incident response capability. You will act as the single point of contact for all security related response actions and decisions, including management of each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions.
They have an exciting opportunity for a Senior Security Operations Analyst to join their re-energised Cyber Defence team! Reporting into the Cyber Defence Security Operations Lead, you will act as the as a secondary contact and escalation point for the team. You'll manage a team of Security Analysts to oversee the day-to-day operational delivery of services provided by our third party 24x7 Security Operations Centre, and will take ownership of our security presence and identify any gaps by working with various stakeholders across the business.
What else you'll be doing :
Maintaining security oversight of the technical infrastructure delivered by third party suppliers and raising concerns/issues that pose a security risk to the organisation accordingly. You will also manage any operational risk remediation to conclusion and take ownership within the team.
Managing development and improvements required for detection engineering and associated technologies.
Responsible for the operational and threat malware analysis for the group.
Providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management.
Responsible for the level 2 / 3 operational Cyber incident response.
Escalating in a timely manner any incidents and anomalies that are detected and providing subject matter expertise and guidance for operational challenges.
Monitoring and responding to emerging threat patterns, vulnerabilities and anomalies and providing escalations of any unknown threats to relevant areas within the company.
Collating metrics on the status of technical information security controls across the estate, highlighting risk areas and working to develop and manage remediation plans as required.
Collaborating with all CISO teams to report appropriate operational issues that may be resolved at an architecture level
What you'll need :
Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over IP (VoIP), firewall zoning.
Ability to read and understand system data including security event logs, system logs, application logs, and device logs, etc.
Knowledge and experience of enterprise grade technologies including operating systems, databases, and web applications.
Knowledge and experience of performing network traffic analysis for identifying any developing patterns.
Ability to assist with knowledge transfer and mentoring/up skilling of junior team members
Security Analysis for CompTIA CySA+ or similar level of certification
It would be beneficial if you have :
Experience with any of the following technologies: Data Loss Prevention, Intrusion
Prevention/Detection Systems, Firewalls, SIEM.
Knowledge of reporting suites such as Power BI
Good understanding of Microsoft security suites and associated qualifications
Threat identification.
Security certifications such as CISM, CISSP, M.Inst.ISP, CISA by a recognised professional body
Technical certifications by a recognised professional body in network or systems engineering
Fundamental Cloud Concepts for AWS.
OWASP Top 10: API Security Playbook.
Operational On-Call Requirement
This role has a shared, rotational 24/7 on-call requirement and forms part of information security incident response capability. You will act as the single point of contact for all security related response actions and decisions, including management of each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions.
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
