IS Security Operations Specialist

London, England, United Kingdom


At Eurostar, we’re ushering in a new era of European train travel. We’re the only high-speed operator that directly links the UK, France, Belgium, the Netherlands, and Germany. We’ve got big ambitions to spark opportunity through the power of train travel, and we’d love to have you along for the ride.

An exciting opportunity has arisen to join Eurostar as its: IS Security Operations Specialist. This role is based in our head office in Kings Cross.

Internal Use Only: Role is grade F based in KP.

The Information Security Department (IS) is seeking a highly skilled and proactive Security Operations Specialist to join our cybersecurity team. In this role, you will be responsible for administering and enhancing our security monitoring and detection capabilities, ensuring rapid and effective response to cyber incidents, and driving continuous improvements across our security operations.

The main responsibilities will include overseeing and optimizing alert rules and triggers, guiding the Cyber Incident Response Team (CIRT) in Level 1 incident handling, and stepping in to manage Level 1 and Level 2 responses when needed. You will play a key role in maintaining and developing cyber response playbooks, actively monitoring IT and security infrastructure beyond the scope of our Security Operations Centers (SOCs) and ensuring alignment with organizational IT security policies and procedures.

The ideal candidate has strong analytical skills, deep knowledge of security frameworks, and a hands-on approach to identifying vulnerabilities, validating patch management, and ensuring the effectiveness of security controls across diverse domains such as Email Security, Identity and Access Management, Network and Application Security, Cloud environments, and Endpoint Protection.

Requirements

What you'll be doing

  • Administer and optimize security monitoring and detection tools: consistently improve and fine-tune alert rules and triggers to maximize timely detection and minimize false positives, including the health and scope of logging agents.
  • Provide expert guidance and support to the Cyber Incident Response Team (CIRT) for Level 1 incident response, leading and/or supporting timely and accurate Level 1 and Level 2 response to cybersecurity incidents, ensuring rapid containment, investigation, and remediation.
  • Maintain and develop cyber response playbooks to standardize and streamline incident handling processes to keep aligned with evolving threat landscapes and organizational needs.
  • Lead Level 1 and Level 2 responses to cyber security incidents escalated by SOCs or internal security teams when CIRT intervention is insufficient. Collect, analyse, and report security metrics regularly to provide actionable insights and maintain an up-to-date IT Security Dashboard and KPIs.
  • Monitor IT and security infrastructure areas not covered by SOCs, ensuring comprehensive threat detection.
  • Collect, analyse, and report security metrics to update KPIs and maintain the IT Security Dashboard.
  • Identify and assess vulnerabilities and misconfigurations within IT security systems, services (e.g., email, DNS, Active Directory), and infrastructure.
  • Ensure systems, equipment, and processes comply with internal IT security policies and standards.
  • Vulnerability and Patch Management Oversight: Identify security vulnerabilities and misconfigurations proactively, track remediation progress, and validate the effectiveness of patch management processes.
  • Extended Security Coverage: Provide proactive monitoring and support for IT and security infrastructure areas outside of SOC scope to ensure comprehensive threat visibility and protection.
  • Assist and support the IT Security colleagues on IT Security initiatives when required.
  • Keep current on technological developments in relation to cyber technologies and threats.


You'll need to have the following

Essential

  • Minimum bachelor’s degree in computer science, Information Security, Cybersecurity, or a related discipline.
  • Relevant certifications such as CISSP, CISM, GIAC (GCIH, GCIA), CEH, or equivalent are highly preferred.
  • Minimum 3 years’ experience in security operations, incident response, or SOC analyst roles.
  • Proven expertise in managing and optimizing security monitoring and detection tools, including SIEM, IDS/IPS, and Endpoint Detection & Response platforms.
  • Demonstrated ability to develop, maintain, and execute cyber response playbooks and incident handling procedures.
  • Experience responding to Level 1 and Level 2 cybersecurity incidents and coordinating escalation processes.
  • Solid background in vulnerability management, patch management validation, and compliance assurance.
  • Strong familiarity with key security domains such as Email Security, Identity and Access Management, Network and Application Security, Cloud Security, DDoS & Bot protection, and Endpoint Security.
  • Without being an expert in all technologies, already has knowledge and experience of configuration and trace analysis on the following systems:
      • AWS, Azure and Microsoft 365 Security
      • Endpoint Detection and Response
      • Firewall and VPN
      • Network anomaly reporting tools
      • SIEM technology
  • Experience working with third-party service providers

Desirable

  • MDM
  • WAF
  • SQL
  • Excellent analytical skills with the ability to interpret complex security data and incidents.
  • Strong verbal and written communication skills, with experience guiding teams and collaborating across departments.
  • Ability to perform well under pressure and maintain focus during critical incidents.
  • Detail-oriented with a commitment to maintaining security policy compliance and operational excellence.
  • Passionate about continuous learning and staying current with evolving cybersecurity threats and technologies.

Benefits

We’re constantly working to create a bright future for our company and our colleagues. That’s why we offer a wide range of brilliant benefits, including:

  • Travel benefits that can be used for both work and play including 75% off underground network from Day 1
  • Competitive defined benefit pension scheme
  • Free Eurostar tickets
  • Discounted Eurostar tickets for friends and family
  • Ongoing training and development 
  • Lots of other exclusive deals, discounts, and perks

A whole new platform for your career - If you think you’ve got what it takes to help us make Eurostar bigger and better than ever before then we’d love to hear from you.

At Eurostar we believe in giving everyone an equal chance. We actively encourage applications from talented individuals regardless of sex, race, disability, age, sexual orientation, gender identity, religion or belief, marital status, whether you’re pregnant or on maternity leave.
