IT Security Operations Analyst

Location: Surrey
Discipline: Information & Cyber Security
Job type: Permanent
Salary: 50k per annum

H&R Talent are looking for someone who is personable and approachable, as the role is highly customer facing, who can work to tight deadlines and under pressure with self-discipline, and who wants IT career progression.

As a member of the IT Security Operations team, you will report to the Information Security Manager and maintain the confidentiality, integrity and availability of the organisation's and its customers' information and information systems. This will primarily be achieved by identifying and responding to security events raised by event monitoring systems.

Main responsibilities:

  • Develop and maintain SIEM services based on MS Sentinel for the organisation and our customers, including but not limited to advising on event capture, tuning, use case development, alert triage and response.

  • Act as a mentor for other team members on MS Sentinel and be an advocate for IT Security.

  • As part of the Security Operations team, identify, triage and respond to security events identified by any of the security controls used in the organisation or its customer environments.

  • Respond and manage service requests, problems and incidents logged at the Service Desk or act as a point of escalation for security related issues from any source within the organisation or its customer base.

  • Provide root cause analysis of security breaches, in a confidential manner, relating to the Service Operations and Service Support environments, and report findings as part of the post-incident review.

  • Advise the Information Security Manager of any improvements to working practices or beneficial technical changes that would improve the security and performance of the organisation's infrastructure / services.

  • Draft and manage processes and procedures relating to Security and Operations.

  • Ensure that all documentation and reports are delivered to the organisation's standards and compliance requirements.

Qualifications

Essential: Professional IT qualification such as MCSE, CCNA, CompTIA etc. or Information Security qualification such as SSCP, Security+, ECIH

Desirable: MS SC-200

Relevant IT based degree (or equivalent).

Experience:

Essential:

  • Demonstrable experience of monitoring and developing use cases in SIEM products

  • Ability to investigate, troubleshoot and resolve security events.

  • Good level of knowledge of IT and networking fundamentals, for example operating systems, directory services, TCP/IP, DNS, HTTP(S), SMTP

  • Good level of understanding of the approaches threat actors take to attacking a network: phishing, port scanning, web application attacks, DDoS, lateral movement

  • Experience working in an operational IT Services environment

  • Knowledge of Windows and/or Linux operating systems and how to investigate them for signs of compromise

  • Experience working in a Security Operations Centre

Desirable:

  • Experience in a commercial IT Solutions provider or Managed Services environment.

  • Foundational understanding of Public / Private Cloud Services (Azure/AWS/O365, CASB etc.) and how an attacker can utilise these platforms

  • Use of the MS security stack – Defender for Endpoint, Defender for Identity etc.

Skills & Abilities:

Essential:

  • Comfortable analysing and creating scripts, preferably in KQL

  • Ability to identify, recommend and implement operational improvements

  • Hands-on, pro-active approach.

  • Ability and enthusiasm to learn and self-motivate.

  • Attention to detail with strong analytical, interpretation and problem-solving skills

  • Strong interpersonal skills

  • Accurate and clear written and oral communication skills

  • Strong interest in IT Security

  • Ability to generate reports and present key security metrics

Desirable:

  • Knowledge of Government Security frameworks (PSN, DSP Toolkit, G-Cloud etc.)

  • Policies, Procedures and Quality Standards

*All employees will be expected to become familiar with and adhere to all company policies and procedures including the Health and Safety Policy.

*All employees will be expected to support company quality standards including, but not limited to, the following:

  • ISO 9001

  • ISO 14001

  • ISO 20000

  • ISO 27001