Security Analyst

Company Description

Inmarsat has been at the forefront of global mobile satellite communications for over forty years, and is the market leading provider of voice and high-speed data communications for users on land, at sea and in the air through its constellation of 15 geostationary satellites.  Inmarsat is a privately owned company with a profitable track record and significant growth aspirations. This is represented by more than 55 nationalities in the workforce, reflecting the global and dynamic nature of the business. With an investment of over $3 billion in its latest network infrastructure, Inmarsat is at the forefront of global mobile communications innovation.

Chief Operations Office 

Inmarsat’s Chief Operations Office (COO) plays a vital role managing the services that keep our business running and delivering to our customers. COO consists of 9 functions including: Satellite Operations, Network Operations, Service Assurance, Service Delivery Aviation and Customer Assurance, Service Delivery and Supply Chain, Project Management Office, Global Cyber Security and Group IT

Job Description

Primary role purpose:

Inmarsat Group Operation (COO) manages all of Inmarsat’s communications networks, which provides data communications to various sites and systems as part of Business Infrastructure and Revenue earning systems. These networks are critical to Inmarsat’s revenue generation and have to be treated as such to provide secure, resilient and timely movement of data. The networks are being expanded as new Inmarsat offices are opened, new systems implemented, new requirements formulated, and to meet current industry standards and best practises.

As part of this network expansion, we are looking for a Security Analyst (Incident Handler) who will conduct vulnerability assessments and monitor systems, networks, databases and Web hosted services for potential system breaches.  Respond to alerts from information security tools. Report, investigate and resolve security incidents. Educate and communicate security requirements and procedures to all users and new employees. Recommend changes to enhance systems security and prevent unauthorized access. Research security trends, new methods and techniques used in unauthorized access of data in order to pre-emptively eliminate the possibility of system breach. Ensure compliance with regulations and privacy laws.

Key responsibilities of the position

• Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System.  Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing.
• Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes.
• Deliver first level investigation and remediation activities as a member of the Security Incident Response Team.  Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT.
• Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability.  Follow a documented process for routine scanning of Inmarsat infrastructure and network elements.  Develop mitigation and remediation plans as a result of the vulnerability assessment findings.
• Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
• Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform.
• Document information security operations policies, process and procedures.
• The post will require joining a 24/7 shift rota covering daytime, night time, and weekend work (adequate notification will be provided)

Qualifications

Essential Knowledge and Skills:

• A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis.
• Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false positives.
• A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous.
• Intermediate knowledge of Information Security fundamentals, technologies, and design principals.
• Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms.
• Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents.
• Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations.
• Willingness to learn new skills and be self-motivated.
• Ability to work in a team environment, to work under pressure and show flexibility.
• Excellent verbal and written communication skills in English.

Additional Information

You must be eligible to work in this location advertised.

Our culture and ways of working 

Our values define Inmarsat’s culture and represent what we believe in. Inmarsat employees aspire to behaviours that support our values, which create a stronger working environment and lie at the heart of our continued success as an organisation. 

• Customer – we provide a unique value to our customers 
• Accountability – we take ownership, we deliver results, and we keep our promises 
• Respect – we collaborate, we embrace and celebrate diversity and we value difference 
• Excellence – we create bold solutions for our customers and put quality at the heart of everything we do 

We also value and encourage a healthy work-life balance, so we offer flexible working wherever possible. Depending on the operational requirements of your job and your team, we can offer compressed hours (nine-day fortnight), hybrid office-remote working, and flexibility during your working day to take care of personal commitments. 

Diversity:

At Inmarsat we want the best people for the job, and we warmly welcome applications from you if you’re suitably qualified and eligible, regardless of your sex, gender, age, race, ethnicity, disability, sexuality, gender identity, neurodiverse qualities, religion or belief, marital status, pregnancy, or maternity status. 

Inmarsat is signed up to the Halo Hair Code, which aims to protect employees who come to work with natural hair and protective hairstyles associated with their racial, ethnic, and cultural identities. 

To give you the best experience possible during your application process and interview, we can make adjustments. For example, if you’re visually impaired we’ll happily meet you locally and help you find your way to our office, or if you have neurodiverse qualities, we can provide you with additional support to help you prepare for your interview. Please let our Resourcing Team know if there are any ways in which we can support you.