Security Operations Analyst

Intro to Security and Privacy Engineering

Our Security and Privacy Engineering team is here to make sure that we remain a secure and trusted partner for all of these businesses as we grow. We believe security and privacy works best when it is part of the product, so we focus on inspiring autonomous teams to take shared responsibility for security and privacy.

The role

As a Security Operations Analyst you will provide subject matter expertise on our security detection and response capabilities. We run a small, collaborative team, so you will be involved in the end-to-end process of Security Operations; from defining our security use cases through to incident response.

Your background will ideally be in security operations. In any case, you will be experienced using SIEM tools to develop security monitoring cases and writing scripts to automate tasks and will have previous experience in incident response and threat management.

We want people who can help make security part of our day-to-day operations, so you will be someone who enjoys working across team, function and group to improve the security posture of an organisation.

In this role you will:

Work closely with the Security Operations manager to ensure we take a data driven approach to presenting our security posture

Ensure that we perform scheduled vulnerability assessments, and work with our IT and infrastructure teams to ensure that we maintain agreed configuration standards

Analyse logs from multiple sources (eg: IDS, endpoints, email) to identify and investigate security events and anomalies

Work closely with other Security Operations Engineers to review and onboard security tools as we identify new requirements

Run day-to-day security operations activities. This could be anything from responding to one of our users who was concerned about a suspicious email, to preparing a threat report or responding to a security incident

Provide technical support for on call outside normal business hours (when required)

Desired skills

Experience using SIEM (ideally Splunk) tools to develop security monitoring cases and writing scripts to automate tasks

Previous incident response experience

Ability in using EDR or IDS/IPS tools

Good fundamental knowledge on information security

Knowledge of cloud security best practices

Excellent written and verbal communications skills to describe security event details and technical analysis with audiences within the cybersecurity organisation and other technology groups

What we have to offer

Among other things:

Focus on your growth and development: regular discussions with your manager about your personal goals, feedback, coaching, learning and conference budget.

A clear career progression: opportunities for growth and leadership aligned to our competencies framework.

Ownership and autonomy: we give people problems to solve rather than specifications to implement, end to end ownership (deciding on the solution, implementing it, releasing it, maintaining it)

Good work-life balance