Infrastructure Security

Job Description Summary- The Security Operations Analyst is a hands-on role responsible for configuring, maturing, and undertaking operational activities for the Client’s Security services and IT platforms enabling the Client to achieve its business objectives securely. Operations activities will cover Cloud, hybrid, and on-prem infrastructure and will include, but not be limited to, taking ownership of the Client security portfolio of tools through their life cycle thus ensuring the protect, detect and respond capability is appropriate to address the risks to the business.- Responsibilities- Undertake operational activities, maintain, and improve the Client’s Security Services to protect, detect and respond to security events across multiple platforms:
- Microsoft Security Technologies (Cloud / on-prem)
- AWS Cloud Technologies
- Micro-segmentation
- IDS / IPS
- Firewalls
- Cloud Internet Protection
- CASB
- EDR / Anti-Virus
- Other technologies where appropriate
- Create and maintain operational documentation.
Liaise with 3rd party vendors where required on support issues, feature requests and licensing.
Support, and convey risk, to all IT functions including key Application Teams, Platforms, End-User-Computing, and Networks to ensure well engineered security by default.
Market our Security Operations to the wider Client business, embedding the Security Culture in the Client environment.
Take a Threat-led approach to Security Operations detect and response capabilities, contributing to Threat Assessments / Modelling.
Drive Automation and Integration across the estate to form a modern and efficient Security Operations capability.
Assess the posture of security of platforms and the configuration of security tooling against best-practice and implement changes against a measurable roadmap.
Leverage understanding of Operating Systems, infrastructure, and good business practices to enable identifying security incidents.- As a part of the wider Security Operations team, you may be requested to work on wider areas outside of this core remit. This is likely to offer development potential and varied / interesting work:
- Assist with proactive threat analysis, vulnerability identification and remediation, and network/host vulnerability scanning.
Analyse potential cyber threats from a variety of intakes taking appropriate response actions to include threat containment and/or escalation
Leverage Network security tools and capabilities to support Cyber Threat Monitoring activities
Optimise tuning and filtering for SecOps tools
Provide Incident Response (IR) support and leadership when analysis confirms actionable high severity incidents, working with the wider CLIENT IT Operations teams.
Participate in major incident reviews, post implementation reviews and problem reviews to assist with the identification, review and analysis of security incidents or threats to service.
Integrate and share information with other security analysts and other teams.
Investigate, document, and report on information security issues and emerging trends.
Maintain current situational awareness of trends in cybersecurity threats and specific CLIENT organizational threats.
Create and maintain operational reports for Security KRI’s / KPI’s & monthly metrics (taking inputs from existing 3rd party managed security services)
Document results of cyber threat analysis effectively and prepare comprehensive handoff and/or escalation**_ Client code_**
- Put customers first
- Own it and deliver
- Safeguard what matters
- Work as a team
- Speak up

**Health and safety requirements**
- Conduct yourself, and carry out work, to ensure compliance with the Company’s Health, Safety and Environmental Policies.**Conduct Rules**
- Under the Senior Managers and Certification Regime (SM&CR), the jobholder must abide by the following conduct rules:
- First Tier - Individual Conduct Rules_
- Rule 1. You must act with integrity- Rule 2. You must act with due care, skill, and diligence- Rule 3. You must be open and cooperative with the FCA, the PRA and other regulators- Rule 4. You must pay due regard to the interests of customers and treat them fairly.- Rule 5. You must observe proper standards of market conduct- The Individual**Capability, Knowledge and Experience**:

- You will have a technologist mindset, with strong communication skills and business acumen, and a good track record of successfully delivering / supporting business systems and/or infrastructure throughout the entire product life cycle.- A minimum of 2 years’ experience working in a hands-on IT Security role, or hands-on 1st and 2nd line IT support within either a Service Desk or Infrastructure function
- Hands-on capability with technical solutions (covering core infrastructure components e.g end user compute, servers/platforms, networking devices, Active Directory, Azure/AWS or a mixture of these)
- Understanding of Networking protocols and design (TCP/IP, DNS, HTTP, SMT