Security Operations Analyst

LARGE INDEPENDENT IT SERVICES BUSINESS

Birmingham

c£30 - £40k (experience / qualifications dependent) + package

 

General 

This job is within the Security Section of Data Centre Services and reports to the Security Operations Manager.

The role of Security Operations Analyst will offer the successful candidate an exciting opportunity to work closely with the business across a broad range of activities (projects, new product developments, business processes & stakeholder advice) to ensure that information is used in a secure and appropriate manner.

Ex-military candidates are actively encouraged to apply for this role – particularly any that have QRadar skills, gained on SaluteMyJob’s free training courses or elsewhere.

 

Overall Job Purpose:

The security of information is critical to the ongoing success and reputation of the company’s Secure Data Centre Services business.

Essentially the role will provide an operational security capability, covering a range of tools, services and information, to manage and monitor the security posture of the IT environment, and to provide security incident handling. You are responsible for providing accurate reporting on security alerts arising from Security Information & Event Management (SIEM) systems.

The role will be responsible for analysing logged network, application and system events in order to identify any potential abnormalities and flag them as incidents for investigation. These will then be investigated with supporting teams to establish whether they are a security threat, and if so they will be escalated to appropriate customer or technical resources for remedial action.

The role of Security Operations Analyst will also form part of the core security team that delivers and drives continual service improvement across the internal Security Operations Centre (SOC) function covering Data Centre Services, ensuring customers receive best of breed compliant security services in the most effective and efficient manner.

 

Main Duties of the Job:

·       Monitor Company and Customer environments for security events and breaches, investigating a violation when one occurs.

·       Act as the initial analytical reference point for identifying and then quantifying the nature and extent of an attack, and offer initial professional advice relating to possible business impact.

·       Assist with the triage of security offence logs and ensure events are escalated for future investigation or correctly closed.

·       Assist with identifying vulnerabilities and processing them in accordance with the latest Information Security Risk Management Process, including: risk analysis, identifying and applying appropriate controls, recording, reviewing and approval.

·       Provide the required analytic data to assist with preparation of reports that document offences and the extent of the damage that has occurred or may occur, including applying quantitative and qualitative risk analysis and articulating risks in technical and non-technical terminology, so that they can be interpreted by the company, its customers and both IT and business individuals.

·       Maintain and support the operational integrity of SOC toolsets, in particular the SIEM platform, process and procedures, including the development of ‘Playbooks’ to ensure best practice is implemented when possible.

·       Assist with assuring the compliance functional requirements for each onboarding project and ensure that they are fulfilled prior to going into service.

·       Have an active awareness of the developing Information Technology and security risk landscape across the Security Analysts and the wider business.

·       Develop an understanding of standards and regulations such as GDPR, ISO27001, NIST, PCI, SOX, HITECH.

Skills, Knowledge and Experience (if you can cover 70% of this you should apply)

Essential

·       Experience of working within a SOC or similar military environment.

·       Ability to disseminate the right level of technical or solution information to the correct audience

·       Able to manage own workload, ensuring work is delivered on time, and to the required quality

·       Technical knowledge and understanding of information security landscape

·       Demonstrate a logical approach to service delivery

·       Ability to write documentation for various audiences and ability to select appropriate document formats

·       Ability to write, produce and deliver remediation action plans.

·       Excellent communication and presentational skills

·       Technical understanding of key security component functionality and procedures

·       Experience of communicating with and influencing peers and senior management

·       Security Incident Management knowledge

·       Positive personal qualities including business focus, drive, professionalism, integrity and teamwork.

·       Proven analytical and problem-solving skills.

·       A proactive approach to problem management and personal development.

·       Hold SC security clearance or be able to undergo the SC clearance process.

Desirable  

·       Hold or be working towards a recognised Information Technology qualification (e.g. CompTIA A+, S+, N+, CCNA, CCNP), or demonstrate strong capabilities in Information Security Compliance

·       Working knowledge of service management tools Assyst / ServiceNow

·       A minimum of 2 years’ experience within a SOC environment using a SIEM toolset

·       Experience of ITIL v4 service management

·       IBM QRadar SIEM software

Please apply with CV in Word and short covering letter explaining your fit to the role and earliest availability.