Security Operations Lead | Andover, UK
Posted: Sep 16, 2020 6:18:56 AM
Are you looking for your next step-up in the security operations space?
CloudPay is currently seeking an enthusiastic, experienced security operations analyst/engineer to lead and improve our newly established virtual security operations centre.
As a completely new position, this is a great opportunity to make your mark on a rapidly growing global business!
“Reporting to the Head of Global Infrastructure, you will help to manage, maintain and improve the newly formed virtual SOC.
Working closely with the engineering, audit & compliance teams, as well as many other parts of the business, you will lead the charge on maintaining and improving the cyber/physical security stance, and resilience of the business.”
Package and Benefits:
- Competitive annual salary
- 24 days annual leave, plus bank holidays
- Flexible pension contribution
- Life assurance x4
- Private medical insurance
- Personal and professional development opportunities
- Friendly and flexible working environment
Attributes and Experience Required:
- Suitable degree, industry-recognised security certifications, or equivalent experience within the industry
- Practical experience with firewall IPS and IDS solutions (Checkpoint/Fortinet a bonus)
- Practical experience with monitoring, maintaining and improving SIEM solutions
- Experience with internal and external vulnerability scanning and management (Web Applications and Network)
- Basic understanding of Static and Dynamic code scanning analysis
- 3+ years' experience with incident response processes
- 3+ years' experience in a SOC or monitoring the security of a global business
- Comfortable with suggesting and introducing new and improved ways to monitor the security stance of the business
- Professional and personable, with the ability to work with professionals and executives from across the business, as well as vendors, and occasionally customers
- Team Player
Desirable:
- An understanding of Audit processes (SOC, ISO)
- Experience of working within a DevSecOps environment
- Penetration testing/Red Team exercise experience
- An understanding of physical security, as well as cyber/digital
- Experience with some of: Crypto, JIRA, Confluence, CloudWatch, Dome9, Sophos, Nessus, ClamAV, Veracode SAST/DAST, Solarwinds, Wazuh or similar applications
- Experience in managing teams
Daily Duties and Main Responsibilities will include:
- Dealing with monitoring, alerting and issues in an appropriate and timely manner
- Setting up, maintaining and improving the new SIEM solution
- Owning the Vulnerability Management process, and ensuring that identified vulnerabilities are dealt with appropriately and in a timely manner
- Working with, and creating issues raised by, the existing MDR (Managed Detection and Response) vendor
- Monitoring of the Cloud and On-Prem estate compliance and security, using industry-recognised monitoring tools, including raising tickets as and when required
- Defining and documenting new processes and ensuring the required actions are taken by the relevant team, for dealing with all of the above
- Understanding the compliance and audit requirements of the business, and helping to ensure they are met continuously as far as security and alerting, policies and processes are concerned
- Supporting the Head of Infrastructure, Corporate IT Manager and Compliance team with: reporting violations, internal investigations and creating reports
- Flying the flag for continuous improvement of tools and processes
- Potential to manage a small, globally diverse team of engineers