Internal Cyber Security Operations Analyst/SOC Analyst - Global e-Comm

Recruiter: Apollo Solutions
Location: London
Salary: Competitive
Posted: 07 Sep 2017
Expires: 05 Oct 2017
Contract Type: Permanent

Internal Cyber Security Operations Analyst

Our client is a unique and forward-thinking Global e-Commerce business based in Central London. They are looking to grow their fast-paced Security Team.

In this role, you will be a member of the internal security operations team that works in conjunction with the outsourced security operations centre to provide day-to-day security support.

Reporting Lines: Direct - Internal Security Operations Lead

  • A hands-on and technical security analyst who has direct experience of operating within a small security team in a fast-paced, growing organization, mitigating critical security risks, and implementing security technologies.
  • Ability to operate within an environment in which much of the end-to-end accountability sits within the individual infrastructure, operations or software teams (e.g. third parties may be providing Threat & Vulnerability management capability and a managed security provider may be providing a security operations centre).
  • An individual who can operate effectively within a matrix organization in which some of his/her areas of responsibility or accountability would need to be delivered via influence and relationships rather than all being under their control (e.g. the network perimeter security managed by the infrastructure team).

Accountabilities:

  • Apply the information security strategy and ensure that there is quantifiable progress in applying the strategy
  • Review and contribute to information security standards and policies
  • Monitor and enforce information security standards and technologies for all company systems and infrastructure
  • Monitor industry trends, evolving threats, vulnerabilities and control techniques
  • Collaborate with the Security Operations Centre, ensuring that all relevant company systems are actively monitored and relevant alerts are being raised and investigated in a timely manner. This may require the use of a specialist third party.
  • Follow and contribute to the Security Incident response processes, investigations and security operational processes
  • Collaborate with the Technology operational team to ensure information security risks in both ongoing and planned operations are properly considered and all compliance matters are being adhered to as required.
  • Lead and/or advise business units as necessary to investigate security incidents, and pursue associated potential disciplinary and legal actions in collaboration with the People team and Legal as appropriate
  • Conduct regular and ongoing monitoring of and reporting on enterprise-wide compliance with information security standards and policies

Key KPIs:

  • Achievement of security standards as agreed by the Internal Security Operations Lead
  • Appropriate security governance processes are implemented and adhered to
  • Appropriate security policies and practices are implemented and adhered to
  • Appropriate security technologies as defined in the strategy are implemented successfully
  • Investigate security, payment card information and personally identifiable information incidents and alerts
  • Define viable post-incident review actions that reduce or remove the risk of the incident/alert occurring again
  • Action security-related tickets that are raised on the ServiceNow portal

Technical Skills / Experience:

  • Bachelor's degree in Information Security, Computer Science, Information Management Systems, Business/Accounting or related field/related experience
  • Previous experience as a Cyber Incident Response analyst
  • Direct experience working with a Managed Security Services Provider
  • Security Incident response experience
  • Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security, SIEM and risk analysis
  • Familiarity with Information Security industry standards/best practices and relevant regulations (e.g. PCI DSS, SOX, NIST, ISO, CobiT)
  • Analytical and detail-oriented
  • Strong understanding of security technologies and best practices
  • Strong communication and presentation skills

Technology

This role requires a passion for technology and security and the ability to adapt fast. In return, the company offers you the opportunity to be part of a growing, fast-paced and ambitious team, strong career progression opportunities, a buzzing work environment, and a great salary and bonus.

If this sounds of interest, please apply here.