Security Operations Analyst

Berkshire

Location: Slough

Technology & Innovation

Security Operations Analyst - shift

Langley - Heron Drive - SL3 8XP

Salary - competitive + 25% shift uplift

This is an exciting time to join Virgin Media as a Security Operations Analyst. As part of Global Security Operations, you will be responsible for monitoring security and managing security incidents across the Liberty Global group. The GSOC function operates on a 24/7 basis and supports Liberty Global by minimising risk exposure and handling security incidents.

So why Virgin Media? We are delivering the biggest investment in the UK’s digital infrastructure for over a decade, with a £bn programme to extend our ultrafast broadband network and brilliant Virgin TV to millions of homes and businesses. We’re challenging our competitors with the best services and the fastest speeds.

Security Operations SOC Analyst

* To protect the confidentiality, integrity and availability of all assets and systems through monitoring, detection, and analysis activities derived from logical and physical security log feeds, directly accessed security systems, and ad-hoc reports.
* To investigate and respond to security incidents and engage the business at multiple levels.
* To undertake monitoring of security controls and policy adherence in line with Company policies based on ISO 27001, PCI DSS, DPA and SOX.
* The role forms part of a team of 24/7 SOC Analysts, and an understanding of intrusion detection and analysis, incident response, vulnerability management, and infrastructure would be an advantage.
* A self-starter is required for this role, and the successful applicant will be able to demonstrate taking ownership of and responsibility for resolving issues.

Key Accountabilities

* Be proactive in the identification and remediation of security incidents.
* Ensure incidents are logged and reported to the business and 3rd parties as appropriate.
* Work closely with other Global Security team members and business units to identify or mitigate threats and support operational teams on security issues, ensuring risks are identified and treated.
* Deliver reports to demonstrate the effectiveness and value of the team's work.
* Ensure Audit and Compliance activities are carried out and logged.
* Ensure completeness of procedures / work instructions and drive improvement in these areas.

Essential Knowledge, Experience and Skills

* Ideally educated to degree level or holding a professional qualification e.g. CEH, CCNA, CCNS.
* Experience in incident response, including verification of events and leading incidents through to conclusion.
* Experience of working effectively with a variety of stakeholders from different technology and business teams.
* In-depth understanding of IT systems and technologies (e.g. Linux and Windows operating systems, TCP/IP Networking, E-Mail).
* Appreciation of the potential impact of security events and ability to prioritise them.
* Ability to identify developing patterns and trends in data.
* Strong verbal and written communication skills.
* Knowledge / awareness of advanced security analysis including the cyber kill chain, malware analysis, memory and file system analysis, and attack vectors.
* Must have the ability to work independently and take initiative.
* Must have or be able to attain and maintain NPPV SC Clearance.

Desirable Knowledge, Experience and Skills

* Appreciation of other security defences such as Firewalls, Snort, Intrusion Detection System (IDS) monitoring and custom rule creation, Endpoint Protection, Netflow analysis.
* Appreciation of general IT Audit processes and conducting risk assessments.
* Appreciation of security operations activities to support PCI DSS / SOX and internal and external audits against ISO 27001/27002 relating to security operations.
* Appreciation of configuring and working with SIEM systems / other security toolsets, and freeform investigations in these systems.
* Appreciation of Web Applications.
* Appreciation of Data Protection and its role within a business.
* Global Information Assurance Certifications (GIAC), e.g. Certified Incident Handler (GCIH) or Certified Intrusion Analyst (GCIA), would be an advantage.
