Information Security Solutions Events, Roles and Jobs
Security Operations Analyst
Reference No. ref 2018
Company Financial
Location City of London
Salary 60,000
Package TBC
Start Date ASAP
No. Required 1
The Role

Job Purpose

This role is within the IT department of a Global Investment Bank. The Security Operations Analyst is part of the Control IT team encompassing Technology Risk and Information Security which acts as the First Line of Defence for IS and IT risks.

You’ll be responsible for undertaking a variety of security operations activities to safeguard the Bank’s information assets. These activities will span a broad range of activities including: running security scans, reviewing and compiling security patch requirements, responding to security alerts and threat intelligence and providing tracking and status summaries for management. You will work closely with other members of the Technology Risk and Information Security team, technical teams in the Global Production Services group, our Managed Security Services Provider (MSSP) to identify appropriate risk mitigation activity and to track the timely delivery of any work agreed.

The Technology Risk and Information Security team currently provides a technology risk service to over 100 different applications and a wide range of infrastructure operating systems and databases across London, NY and Asia and an information security service to the whole firm.

Key Responsibilities / Accountabilities

• Run internal and external vulnerability scans across a global WAN, follow up findings with IT teams
• Review and investigate security alerts and incidents: AV/APT alerts, IDS alerts
• Review and respond to threat intelligence
• Deploy new signatures / rules / patches to contain threats
• Compile security patch requirement data
• Produce infrastructure security build standards
• Liaise with our third party Managed Security Services Provider (MSSP)
• Gather data and producing reports on key security metrics
• Provide management reporting on security operations activities, including key metrics and remediation progress tracking
• Assist with and take responsibility for other common bau security related activities undertaken across the broader Technology Risk and Information Security team, e.g. managing pen testing remediation, approvals of firewall ruleset changes
• Daily review of exceptions

Essential Skills and Experience

• Minimum 3 years’ experience as an IT security analyst
• Security incident analysis and response/experience or being part of a CSIRT team
• Experience working for a regulated financial services company
• Websense or other proxy filter tools
• Administering an enterprise class internal vulnerability scanning tool
• A good understanding of the security mechanisms associated with Windows, Unix operating systems, switched networks (Cisco), applications and databases
• Knowledge of PowerShell

Preferred Qualifications and Experience

• Desktop/server HIPS implementation and configuration
• McAfee EPO
• Professional Qualifications – CISSP, CISA, CISM, GIAC certifications (Desirable)
• Experience with common information security management frameworks, such as ISO 2700x, ITIL, and COBIT frameworks
• Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts
• Strong technical understanding of IP networking concepts
• QUALYS/NESSUS or similar
• Experience working in or with a SOC
• OWASP vulnerabilities and hardening
• SIEM experience
• Knowledge of C#

Submit your CV for this Role
If you have already submitted your CV to our system, please just enter your email and your current CV will be used
Submit existing CV