Senior Security Operations Analyst

Berkshire

Location: Slough

Technology & Innovation

Langley - Heron Drive - SL3 8XP

Salary - competitive + bonus & benefits

This is an exciting time to join Virgin Media as a Senior Security Operations Analyst. As part of the Global Security Operations, you will be responsible for monitoring security and managing security incidents across the Liberty Global group. The GSOC function operates on a 24/7 basis and supports Liberty Global by minimising risk exposure and handling security incidents.

So why Virgin Media? We are delivering the biggest investment in the UK’s digital infrastructure for over a decade, with a £bn programme to extend our ultrafast broadband network and brilliant Virgin TV to millions of homes and businesses. We’re challenging our competitors with the best services and the fastest speeds.

Security Operations Senior SOC Analyst

* To protect the confidentiality, integrity and availability of all assets and systems through monitoring, analysis, and detection activities derived from logical and physical security log feeds, directly accessed security systems, and ad-hoc reports.
* To assist in investigations and respond to security incidents, performing triage and engaging the business at multiple levels.
* The role will encompass being a Security Subject Matter Expert, and will lead, guide, and inspire the team of 24/7 SOC Analysts with a view to developing these skills amongst the team whilst also acting as a technical escalation point. As such, the role requires a deep technical understanding of intrusion detection and analysis, incident response, vulnerability management, and infrastructure.
* A self-starter is required for this role and the successful applicant will be able to demonstrate taking ownership of and responsibility for resolving issues.
* They will also be able to work as part of a wider team, guide a team, and be confident in making decisions.
* The role will be predominantly Mon-Fri office hours, although some out of hours support is envisaged.

Key Accountabilities

* To provide lead security analysis and support throughout the organisation, ensuring security and governance requirements are met, and be proactive in the identification and remediation of security incidents.
* To act as a coordinator of activity in a shift operation.
* To ensure incidents are logged and reported to the business and 3rd parties as appropriate.
* To proactively develop the team’s capabilities, including attack detection, vulnerability management, process development and improvement, and mentoring the SOC Analysts.
* To provide technical expertise in establishing the extent of an attack, the business impacts, and advising on how best to contain the incident along with advice on systems hardening and mitigation measures to prevent a reoccurrence.
* Work closely with other Global Security team members and business units to identify or mitigate threats and support operational teams on security issues, ensuring risks are identified and treated.
* Develop and manage reports to demonstrate effectiveness and value of the team’s work.
* Key team member in Disaster Recovery testing and management.
* Key team member in Audit and Compliance activities.
* Participate in Knowledge Sharing groups.
* Run test scenarios to build knowledge and ensure completeness for procedures / work instructions.

Essential Knowledge, Experience and Skills

* Ideally educated to degree level or holding a professional qualification e.g. CISSP, CISA.
* Experience in security incident response including assessment of security events, providing advanced technical guidance and leading incidents.
* Experience of working within a Security Operations Centre (SOC).
* Experience in SIEM operation and configuration (McAfee / Nitro preferred).
* Experience with Splunk reporting and analysis.
* Experience of working effectively with a variety of stakeholders from different technology and business teams.
* In depth knowledge of advanced security analysis including the cyber kill chain, malware analysis, memory and file system analysis, and attack vectors.
* In depth understanding of IT systems and technologies (e.g. Linux and Windows operating systems, TCP/IP Networking, E-Mail).
* In depth knowledge of technical security systems, security architecture, security technology, and associated penetration testing and Security Event Management methodologies.
* Appreciation of the potential impact of security events and ability to prioritise them.
* Ability to identify developing patterns and trends in data.
* Strong verbal and written communication skills.
* Must have the ability to work independently and take initiative.
* Must have or be able to attain and maintain NPPV SC Clearance.

Desirable Knowledge, Experience and Skills

* Experience of other security defences such as Firewalls, Snort, Intrusion Detection System (IDS) monitoring and custom rule creation, Endpoint Protection, Netflow analysis.
* Experience of general IT Audit processes and conducting risk assessments.
* Experience of security operations activities to support PCI:DSS / SOX and internal and external audits against ISO 27001/27002 relating to security operations.
* Experience of configuring and working with SIEM systems / other security toolsets, and freeform investigations in these systems.
* Knowledge of Web Applications.
* Knowledge of Data Protection and its role within a business.
* Global Information Assurance Certifications (GIAC) e.g. certified Incident Handler (GCIH), certified Intrusion Analyst (GCIA) would be an advantage.
