Security Operations Analyst
London
Applications have closed
R3
R3 is leading the digitization of financial services, enabling an open, trusted and enduring digital economy. Learn more about R3's Corda.
Responsibilities
- Monitor alerts and investigate security events via a SIEM solution to triage suspicious activities, helping with containment and prevention, as well as supporting recovery.
- Be involved in the execution of procedures for threat hunting and investigation; security response and security incident response.
- Be responsible for the design and implementation of standardised preventative and detective technical security controls for R3's cloud and on premises infrastructure, including driving conformance to operating system and cloud environment benchmarks, network security controls, and consistent logging and alerting. These controls will be integrated into the wider R3 security control environment as the foundation for R3's security operating capability.
- Work with the wider security team to prepare for, and undergo, external service auditor assessments of the security control environments which you help to develop.
Qualifications (Must have)
- First and foremost we want you to love what you do. You'll need to be a security evangelist within R3 and the community of Corda Network and Corda Managed Service participants, both current and future.
- We'd love to see evidence of other experience too: you might have been a developer, network operations person, penetration tester or researcher in a previous life.
- We believe that we work better as a team. You'll be working with a diverse team of people with a variety of skills and backgrounds and a high level of emotional intelligence will be assumed. People skills are essential.
- You'll need excellent communication skills, both verbal and written. You'll be happy explaining the control environment that you have helped develop to R3's clients or service auditors.
- You’ll need strong hands-on experience of maintaining SIEM solutions. You will be practiced in using a SIEM for threat hunting, and subsequent security incident response.
- You will have relevant experience of implementing technical security controls in mission critical service delivery environments. Financial services experience would be ideal, but experience in other areas such as telecoms or other critical infrastructure may also be a good fit.
- You'll need to have experience with multiple operating systems and be fluent in Linux internals.
- Hands-on experience with vulnerability assessment tools such as Tenable, Qualys or OpenVAS.
- You'll need to be able to automate things. Working knowledge of at least one contemporary scripting language is essential. We won’t expect you to write in all languages, but you should be confident in reading at least Python, and either Shell script or PowerShell.
- Working knowledge of at least one modern query language (KQL, SPL for example) is essential.
Qualifications (Nice to have)
- Exposure to Azure Sentinel, Microsoft 365 Defender or Defender for Endpoint would be particularly useful, but not essential.
- Relevant professional qualifications would be great. SANS GIAC certifications are also good but not essential. You'll need to demonstrate that any certifications you claim are valid and current (we will check).
- It would be great if you have worked in an organisation that is certified ISO 27001, assessed against SOC 2 common criteria or PCI compliant.
- An engineering or science degree would be great, but appropriate career experience is just as important. Be prepared to tell us all about that experience.
- Please tell us about any personal projects, talks or anything else you think represents your passion for security, but be prepared to talk about them.
Tags: Azure Blockchain Cloud GIAC Incident response ISO 27001 Linux Network security OpenVAS PowerShell Python Qualys SANS Scripting SIEM SOC SOC 2
Perks/benefits: Startup environment Team events