Security Operations Analyst

---

Job description

The Security Operations Analyst is part of the Security Operations Team within Infrastructure and Operations Product Group and is responsible for day to day operational security management, driving improvements to IT security and providing support to change programmes where there is an impact on Security Operations.

KEY ACCOUNTABILITIES & RESPONSIBILITIES:

• Delivering the operational BAU service within the Security Operations function, maintaining the current security architecture, frameworks, policies, processes and procedures, and providing support and administration to security applications and tools where appropriate.
• Working to help investigate and triage security events and where relevant, with suppliers. Helping to identify, defend and protect against compromise to Confidentiality, Integrity and Availability across data and systems. Supporting technical investigations with expertise into how the attack took place along with assessing the potential/current impact and extent of compromise.
• Incident handling of security related incidents including reporting on actions and outcomes to both Product Owner and Senior Leadership.
• Monitoring of, and management of security related ITSM requests - ensuring strict user and privilege access, change control, quality assurance delivery, record keeping and reporting.
• Managing the day to day relationship with 3rd party Security Operations suppliers, ensuring services provided and SLAs are adequately covered in contractual documentation.

MINIMUM CRITERIA:

• Deep knowledge and experience of Information Security principles, tools, processes and procedures.
• Experience of delivering a security operations service in an enterprise grade, fast paced information technology environment consisting of multiple security vendors, supplier and business teams to deliver a seamless security service to the organization.
• Experience of leading complex, business affecting security incidents which require balancing organisational availability requirements and security risk management practices.

ESSENTIAL CRITERIA:

• Experience with real world Security Operations issues gained from working with the balance of business system availability and ongoing security.
• Experience of working with an ISMS (Information Security Management Systems)
• Experience in Security Operations Centre (SOC)/Security Incident Event Monitoring (SIEM) originated security alert investigations
• Experience in use of enterprise security toolsets such as Vulnerability Management, SIEM, Web/Email Proxy, Network Security Systems, Endpoint Security Systems & Cloud centric security products.
• Good communication skills, able to interact closely with both technical and business-based teams.

DESIRABLE CRITERIA:

• Experienced in availability focused Security Incident Management, along with the security analysis related tools and techniques used to carry out security incident response related investigations.
• Ability to take a risk based and pragmatic approach on operational activities to organise, prioritise and ensure team tasks are delivered through to a rapid conclusion.