Senior Security Operations Analyst

Eames are working with a reputable insurer on the hire of a Senior Security Operations Analyst.

Responsibilities:

• Overseeing the security of the technical infrastructure provided by third-party suppliers, addressing any identified security risks to the organization.
• Managing the remediation of operational risks to their conclusion and taking ownership of these processes within the team.
• Leading the development and enhancement of detection engineering and associated technologies.
• Conducting operational and threat malware analysis for the organization.
• Offering security insights and maintaining relationships with the Service Management function concerning change management, problem management, and incident management.
• Handling level 2/3 operational cyber incident response.
• Promptly escalating any detected incidents and anomalies within the organization, providing expert guidance for operational challenges.
• Monitoring emerging threat patterns, vulnerabilities, and anomalies, escalating unknown threats to relevant areas within the company.
• Collecting metrics on the status of technical information security controls across the organization, identifying risk areas, and developing and managing remediation plans as necessary.
• Collaborating with all CISO teams to report and address operational issues at an architectural level.
• Participating in a shared, rotational 24/7 on-call requirement, acting as the single point of contact for all security-related response actions and decisions, including managing each incident from a security perspective, interacting with Incident Management/Major Incident Management teams, and recording key security decisions.

Qualifications:

• Proficiency and experience in firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, and Voice over IP (VoIP), as well as firewall zoning.
• Ability to interpret system data, including security event logs, system logs, application logs, and device logs.
• Knowledge and experience with enterprise-grade technologies, including operating systems, databases, and web applications.
• Experience in network traffic analysis to identify developing patterns.
• Capability to mentor and upskill junior team members.
• Security analysis skills comparable to CompTIA CySA+ certification or similar.

Preferred Qualifications:

• Experience with technologies such as Data Loss Prevention, Intrusion Prevention/Detection Systems, Firewalls, and SIEM.
• Knowledge of reporting suites such as Power BI.
• Strong understanding of Microsoft security suites and relevant qualifications.
• Expertise in threat identification.
• Security certifications such as CISM, CISSP, M.Inst.ISP, or CISA from a recognized professional body.
• Technical certifications in network or systems engineering from a recognized professional body.
• Understanding of fundamental cloud concepts, particularly for AWS.
• Familiarity with OWASP Top 10 and the API Security Playbook

Eames Consulting is acting as an Employment Agency in relation to this vacancy.