Cyber Security Operations Analyst

WPP IT provides IT services for WPP, the world’s largest communications services group. As a creative transformation company, WPP is helping its clients transform the future through extraordinary work. WPP IT is an integral part of that journey and we are proud to provide technology for some of the world’s most creative brands.

Visit our LinkedIn page to see what we're up to!

Why we're hiring:

This is an excellent opportunity for an experienced Security Analyst to join our Growing Cyber Security team. The Security Operations Analyst will work within a multi-national team comprised of both internal and external analysts. They will play a key role in ensuring the effectiveness of WPPs cyber security detection, analysis, and response capabilities. They will work with multiple stakeholders including engineers and incident responders to ensure that security events are appropriately triaged and effectively resolved.  

Reporting into the Senior Security Operations Analyst, you will help to ensure that the security operations function continually improves, remains tuned to specific organisational threats, and operates an effective security toolset. They will be help review, improve, maintain and operate a suite of security incident response procedures and playbooks and contribute to  management reporting artefacts. 

What you'll be doing:

• Triage and respond to security events  
• Act as a primary point of contact and support for Security Incident Responders  
• Work closely with Managed Security Service Providers  
• Identify and advise on security tooling configuration changes including tuning, filtering and dashboard management  
• Help with developing, maintaining, and operating requisite playbooks and detection capabilities 
• Provide relevant analysis in support of services such as threat hunting 
• Contribute to post incident reporting 
• Work effectively within a team of security analysts split across multiple territories 
• Provide information on for indicators of compromise and threat actor tactics, techniques, and procedures  
• Help coordinate where necessary forensics, malware reverse-engineering, and additional reviews with internal and external specialists 
• Contribute to regular management reporting artefacts 
• Help manage internal and external stakeholder relationships 

What you'll need:

• At least 3 years' experience working within a SOC team  
• Proven ability to lead, mentor and develop less experienced security analysts 
• Ability to effectively liaise with engineering, architecture, network and system specialists 
• Be able to work in other technology departments as well as the business and other offices to establish good business relations 
• Expert knowledge of Security Incident & Event Management solutions (SIEM) 
• Knowledge of Security Orchestration, Automation & Response solutions 
• Knowledge of EDR solutions  
• ServiceNow experience preferable 
• Strong knowledge in Windows and preferably Mac 
• Cloud security skills preferable 

Who you are:

You’re open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working.

You’re optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with confidence: to try the new and to seek the unexpected.

You’re extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we deliver extraordinary every day.

What we'll give you:

Passionate, driven people – We champion a culture of people that do extraordinary work.

Scale and opportunity – We offer the opportunity to create, influence and deliver projects at a scale that is unparalleled in the industry.

Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?