Security Operations Analyst
Purpose of Role:
As a Security Operations Analyst, you should have a real passion for all things security. The role will maintain and improve the company’s Operational Security Posture with a focus on refining and enhancing operational processes and procedures that manage and protect live services across the organisation.
You will need to respond to both Security Incidents and events logged by staff members and partners, and by security monitoring tools and systems. You will be expected to analyse and respond appropriately to incidents, and you will need to be able to communicate effectively with all colleagues, both in writing and verbally.
You will collate information from security monitoring tools and systems, which will enable you to provide an accurate view of the organisation's security posture. You will need to educate and advise colleagues on all suspicious security-related events and ensure mitigations and improvements are established.
You will be required to interact and engage with key stakeholders across all technology teams across the business.
- Responsible for the monitoring of Security Information and Event Management (SIEM) and responding appropriately (detect, investigate, and respond to any types of security incidents)
- Ensure teams are appropriately assessing and remediating discovered vulnerabilities based on their impact to the business and relevance to their technologies
- Regularly engages with our SOC partner e2e-assure, collaborating on the timely resolution of security tickets, attends and contributes towards Service Management activities such as Ticket and Service Reviews.
- Initiate and coordinate vulnerability response and remediation working in co-operation with owning teams
- Responsible for the secure administration and day-to-day management of Security Tooling
- Day-to-day reactive operations responsibility, covering monitoring and response for UKCloud platforms and critical security services
- Identifies security threats and security incidents
- Triages and prioritises threats and security incidents and sees through to resolution
- Performs regular Firewall/Log reviews
- Responsible for the containment of a security incident and prevention of further attack
- Monitor security tooling/systems
- Plan preventative measures and procedures
- Create a plan for how to respond to threats
- Establish and implement security measures
- Investigate and respond to security incidents
- Provide assistance with security training and education throughout the organisation
- To be part of an On-Call rotation typically 1 in 4 weeks
- Demonstrate efficient decision making with a proportionate approach during an incident considering all circumstances.
- Some emergency assistance with out-of-hours incidents may be required.
- Experience working within a Security Operations Centre (SOC) environment
- Incident Response
- Experience utilising Security Incident & Event Management (SIEM) tools and technologies
- Cyber hunting technologies
- Good analytical skills to identify threats/risks/vulnerabilities and perform root cause analysis
- Curious and keen to explore problems to their resolution
- Strong communications skills (written and verbal)
- Good stakeholder engagement skills
- Ability to multi-task, seeking guidance and assistance where necessary
- Ability to work alone and as part of a team
- Highly motivated and keen to learn new skills
- A recognised professional certification relevant to Cybersecurity
Information Security Management System
This position is within the scope of the UKCloud Information Security Management System (ISMS), and the post holder is responsible for complying with applicable requirements of the UKCloud Information Security Policy, Information Security Manual, and all other information security policies, processes and documentation including UKCloud SyOPs (UKC-AAA-11).
Information Security: Asset/Control/Risk Ownership
This position may be responsible for the ownership of:
- Information Assets or Supporting Assets
- Control Objectives or Controls
- Management of identified risks
- Suppliers – specifically their information security responsibilities
IT System Access
Employees holding this position will automatically be provided with access to the systems and data that have been specified within the UKCloud IT System Access Matrix (UKC-GEN-46).
UKCloud provides an unbeatable, secure UK public cloud, focused solely on serving the UK Public Sector. We are committed to assurance and security while delivering flexible, agile and value-based cloud hosting to our customers.
- Doing the right thing. By delivering better services to citizens and better value for taxpayers, by reducing the time, costs, and risks of digital transformation.
- Accelerating digitalisation with local multi-cloud experts. Our award-winning customer support is here to help our customers throughout their journey with us.
- Harnessing multiple cloud services. To help organisations use multi-cloud to address existing and legacy IT as well as cloud native applications.
- Uncompromising safety and integrity. As we believe the UK's public services are a national asset that needs protecting and nurturing.
Formed in 2012, UKCloud is based in Farnborough (Hampshire) and Corsham (Wiltshire). We have a team of 200+ people and we continue to grow! We are looking for people who want a rewarding career in a business that truly invests in you as an individual.
Competitive salary plus 10% bonus potential paid quarterly
25 days' annual leave increasing to 30 days with length of service + half day birthday leave + charity day + Bank Holidays
Options to buy and sell annual leave
Flexible office and home working options
Life and medical insurance
Funded team social and charity events
Onsite facilities including cafe, restaurant and gym
Company funded fruit and soft drinks plus Friday breakfasts
Cycle to work tax efficient scheme
Access to ample free parking
Shuttle bus to national rail services
UKCloud is an equal opportunities employer and positively encourages applications from suitably qualified and eligible applicants. Applicants must be eligible to work and live in the UK and will be required to undergo and maintain appropriate UK government security clearance.