Operational Security Analyst

Associate Operations Security Analyst

Contract Type: Permanent

Location: Hybrid (minimum 20% on-site in our Oxford office)

 

We’re proud to be an Equal Opportunity Employer, and we’re committed to building an inclusive, diverse community that celebrates and welcomes everyone.
If there are any adjustments we could make to the recruitment and selection process to support you, please let us know.

 

 

About Us

We’re Nominet – a world-leading domain name registry operating at the heart of the UK internet. While we're best known for running .UK domains, we also help to protect public services from cyber threat.
As a public benefit company, our work has a positive impact on society. We’ve donated millions to projects that use technology to improve people’s lives and have committed to delivering £60m worth of support over the next three years.

We’re also already a Carbon Neutral company and we’re committed to helping the UK reach Net Zero by 2050.

 

 

About the role

The security analyst will work in the Operational Security team Technology group to assist in the safeguard of Nominet’s infrastructure, Data and services. Security and resilience are top priorities as Nominet systems are integral to the continued operations of the .UK Internet. 

The security analyst will combine their knowledge of the security landscape and the tools which are used to monitor and mitigate against cyber threats, to provide insight and assurance of Nominet’s security risks. 

This role will suit a person that has a strong interest in security and has experience with the tools and processes used in an Information Security Management System, for example vulnerability management. They should have good communication skills, a can-do attitude and a willingness to learn. 

 

Responsibilities

• Threat Analysis and reporting on a wide variety of security data to provide situational awareness and trends in behaviours. Data sources include access logs, DNS data, intrusion detection systems and syslogs.  

• Assessments of security reports from internal and external sources, including our Security Operation Centre  

• Assist in response to vulnerabilities reports found and active security incidents. 

• Identify and research future and current security threats to protect Nominet and its customers. 

• Take an active part the developing a purple team capability and understanding engineering detection approaches  

• Add to the ethos of a world class internet company with innovation, hard-work and a true passion for technology

 

Interpersonal skills

• Works effectively as ‘part of the Company team’, communicates and advises with a positive attitude at all levels both internally and externally 

• Works effectively as part of a department team, recognises areas where support is required and offers assistance proactively. 

• Is flexible and adaptable in approach. A 'go to' person. 

• Takes an active role in personal development and frequently reviews individual objectives and attends training sessions as required 

• Professionally manages workload and can work independently 

• Able to effectively plan ahead, problem solve and use initiative 

 

Deliverables 

• Involved in the maintenance and further development of security monitoring of Nominet infrastructure and data systems. 

• Responding to security incidents and assisting in their resolution  

• Working in an agile way to assist in the remediation of vulnerabilities. 

• Working on various initiatives to promote a positive security culture with all staff and key stakeholders 

• Providing proactive advice and insight to broader cyber security issues affecting Nominet 

• Production of actionable threat Intelligence analysis using common methodologies and tools such as recordedfuture, MITRE D3FEND & ATT&CK 

 

About you and your experience 

The ideal candidate would have a real interest and enthusiasm of information security. The new role covers broad aspects of security and the candidate has the opportunity to help shape future security operations. They would bring fresh and exciting ideas to the role and have a very inquisitive and analytical mind. They would have the ability to work as part of a team as well as being strongly self-motivated. 

 

• Experience of analysing data such as system logs, firewall logs, Intrusion detection systems and access logs. Experience of using a SIEM is desirable but not essential eg Splunk/Nessus and Office 365 security tools 

• An ability to analyse complex data, make informed decisions and communicate effectively to the relevant audience 

• Understanding of security processes including vulnerability management, cyber threat monitoring and risk management processes 

• Security qualification such as CISMP, CEH, SANS GSOC or degree in a computing-related or other numerate subject such as Computer Science, IT, Physics or Maths. Qualifications can be replaced by good quality experience in the workplace. 

• A strong interest and enthusiasm in information security and emerging threats 

• Experience of administrating Windows/Linux server infrastructure

 

 

What we offer

• 30 days annual leave plus bank holidays, with the ability to purchase an additional 5 days
• Bupa private healthcare + Employee Assistance Programme
• Electric vehicle scheme with on-site charging points
• Rewards platform with access to discounts at hundreds of shops, restaurants etc.
• MediCash discounts on routine healthcare including optical, dental and much more
• Company and individual performance-based annual bonus

 

Please note, all roles working for Nominet will be subject to a Baseline Personnel Security Standard (BPSS) check. Some roles will require additional security clearance due to the nature of their work.