Senior Security Operations Analyst: Job Details

Company : IG Group

Job Location : London, Greater London, UK

Posted on : 2021-04-08T01:32:21Z

Job Description :

Job Title: Senior Security Operations Analyst

Job Description:

IG’s Security Operations team (SOC) is responsible for managing security-related events within IG. The goals of the team are to ensure that security incidents adversely affecting the business are quickly diagnosed, that workarounds are determined, that proper root cause analysis is performed, and that actions are taken to prevent the issue from recurring.

The Security Operations function is a vital part of the organisation, ensuring that company information and systems are protected from unauthorised access, disruption, modification or destruction. This is accomplished using a range of operational security controls, processes and policies.

Core functions include:

Security Monitoring
• Drive the creation and refinement of security monitoring rules, techniques and processes.
• Proactively hunt for evidence of threats or compromise using all available tools.

Incident Management
• Investigate and resolve escalated security incidents, both independently and leading a team of SOC colleagues.
• Ensure the defined playbooks are followed correctly, and that accurate logs are kept of all actions taken during incident response.
• Support and mentor colleagues in best-practice incident management techniques and behaviours.
• Perform root cause analysis, recommend process improvements, and write final post-incident reports.

Project Delivery

Take part in the team’s project delivery initiative, rotating between the following roles on a 1-3 monthly schedule:
• Vulnerability Management – maintain regular scans, interpret results, identify asset owners, track remediation activities and report against the agreed SLAs.
• Security Controls Administration – maintain the availability and functionality of all security controls; implement new and advanced features where available; write technical documentation and manage changes.
• SIEM Maintenance & Content – maintain availability of the underlying infrastructure; develop new alerts, field parsers, models and automated playbooks; and integrate new log sources where appropriate.
• Threat Intelligence & Threat Hunting – provide, develop and integrate external threat intelligence data into the team’s detection capabilities; perform proactive threat hunts based on working hypotheses, and implement follow-up SIEM alerts where required.
• Purple Team & Scenario Exercises – regularly test the team’s detection capabilities, develop scenario-based training, and organise purple team exercises, both in house and with third-party providers.
• Insider Threat – maintain and develop the Data Loss Prevention policies in line with the company’s data classification requirements, and implement exceptions for business-approved procedures where required. Improve the detection and response capabilities of the remaining security controls with a focus on insider threat.
• Escalation Analyst – support analysts during incident response and take the lead in more complex investigations; validate true-positive security incidents, ensuring that all playbook actions have been completed reliably and that an incident timeline has been populated; and provide training sessions for other analysts.

Reporting & Documentation
• Assist with the preparation of regular reports and the collection of defined metrics.
• Take an active role in the creation and continual improvement of SOC process and procedure documentation, as well as the refinement of manual and automated workflows and playbooks.

Other
• Lead the training and development of other SOC team members, sharing knowledge and demonstrating best practice by example.
• Lead internal projects to improve the effective operation of the SOC, such as comparing competing tools or technologies, redesigning existing security controls, and assessing the impact of changes to IG’s IT environment.
• Take an active role in external projects as the security SME, ensuring that operational security issues are considered and addressed appropriately.

Essential Skills and Attributes:

This is an experienced role, and candidates are therefore expected to convincingly satisfy most of the listed requirements. Successful candidates will demonstrate an independent and self-motivated approach to the continued development of their skills and knowledge.
• 3-10 years of experience in operational IT or security roles is required.
  o At least 2 years of SOC or security experience is required.
• Deep familiarity with one or more SIEM tools is required.
• A good knowledge of a wide variety of security products is required.
• A strong understanding of technical IT concepts is required, including:
  o Windows and Linux operating systems and system administration
  o Networking, including TCP/IP and other common protocols
  o Microsoft Active Directory
  o Command line interfaces and scripting
• Understand the role, benefits/downsides, and standard use cases of technical security products, such as firewalls, antivirus, web proxies, SIEM, IDS/IPS, DLP, and EDR.
• Familiarity with vulnerability scanning and penetration testing tools and techniques.
• Strong ability to focus and complete detailed tasks with a high degree of accuracy.
• Able to communicate complex information clearly and logically, both verbally and in writing.
• Proficient with MS Office for general collaboration, communication and reporting.

Desirable Skills:
• Experience with network forensic tools, such as network sniffers and protocol analysers.
• Practical experience with penetration testing tools and techniques.
• Hands-on experience with the administration of cloud environments (especially AWS and Azure).
• Experience of working in a multi-national organisation.
• Experience of working in the finance or technology sectors.
• Interest in financial products, trading, or investments.

Qualifications:

A university degree in one of the following fields is preferred (but not required):
• Cyber / Information Security, Digital Forensics, Ethical Hacking
• Computer Science, Software Development, Network Engineering
• Mathematics, Physics and other STEM subjects

Other desirable certifications include:
• CISSP
• CEH, CREST, OSCP
• Security+, Network+, CySA+
• Vendor certifications for Microsoft, Linux, cloud, networking or security products

Hours:

The role is normal UK office hours. The successful candidate may be expected to work overtime in response to occasional major incidents. This is compensated with time in lieu.

Number of openings: 1
