Senior Security Operations Analyst
Cannon Street, London, United Kingdom
Job Title: Senior Security Operations Analyst
Job Description
As one of Europe's leading investment platforms, security at IG is a top priority and our Security Operations team is looking for a Senior Security Operations Analyst to help further enhance our security framework.
Who are we:
Hello, we’re IG Group. No, not Instagram – though we're a pretty big deal ourselves. We’re a global, FTSE 250-listed company made up of a collection of progressive fintech brands in the world of online trading and investing. The best part? We’ve snapped up many awards for our top-class platforms, forward-thinking products, and incredible employee experiences.
We believe in financial freedom. And our purpose is to help ambitious people achieve it. Around 400,000 people use our groundbreaking technology and forward-thinking platforms to trade the financial products they know and love.
Did we mention we have offices in 18 countries? Yes, when you join IG Group, you'll have the chance to work across multiple brands with people all over the world. We work in cross-functional teams, focused on delivering at pace to improve the experience of traders on our platforms.
Your Position within the Team:
IG’s Security Operations team (SOC) is responsible for managing security-related events within IG. The team's goals are to ensure that security incidents adversely affecting the business are quickly diagnosed, workarounds are determined, proper root cause analysis is performed, and actions are taken to prevent the issue from reoccurring.
The Security Operations function is vital to the organisation. It ensures that company information and systems are protected from unauthorised access, disruption, modification, or destruction. This is accomplished using various operational security controls, processes, and policies.
What you’ll do:
Security Monitoring
Drive the creation and refinement of security monitoring rules, techniques and processes.
Proactively hunt for evidence of threats or compromise using all available tools.
Incident Management
Investigate and resolve escalated security incidents both independently and by leading a team of SOC colleagues.
Ensure the defined playbooks are followed correctly, and accurate logs are made of all actions during incident response.
Support and mentor colleagues with best-practice incident management techniques and behaviours.
Perform root cause analysis, recommend process improvements, and write final post-incident reports.
Project Delivery
Take part in the team’s project delivery initiative, rotating between the following roles on a 1-3 month schedule:
Vulnerability Management – maintain regular scans, interpret results, identify asset owners, track remediation activities and report on the agreed SLAs.
Security Controls Administration – maintain availability and functionality of all security controls; implement new and advanced features where available; write technical documentation and manage changes.
SIEM Maintenance & Content – maintain the availability of the underlying infrastructure, develop new alerts, field parsers, models and automated playbooks, and integrate new log sources where appropriate.
Threat Intelligence & Threat Hunting – provide, develop and integrate external threat intelligence data into the team’s detection capabilities; perform proactive threat hunts based on working hypotheses, and implement subsequent SIEM alerts where required.
Purple Team & Scenario Exercises – regularly test the team’s detection capabilities, develop scenario-based training, and organise purple team exercises, both in-house and with third-party providers.
Insider Threat – maintain and develop the Data Loss Prevention policies in line with the company’s data classification requirements, and implement exceptions for business-approved procedures where required. Improve the detection and response capabilities of the remaining security controls with a focus on insider threats.
Escalation Analyst – support analysts during incident response and take the lead in more complex investigations; validate true positive security incidents, ensuring all playbook actions have been completed reliably with an incident timeline populated, and provide training sessions for other analysts.
Reporting & Documentation
Assist with the preparation of regular reports and the collection of defined metrics.
Take an active role in the creation and continual improvement of SOC process and procedures documentation, as well as the refinement of manual and automated workflows and playbooks.
Other responsibilities aligned with a Senior Analyst position:
Lead the training and development of other SOC team members, sharing knowledge and demonstrating best practices by example.
Lead internal projects to improve the effective operation of the SOC, such as contrasting competing tools or technologies, re-designing existing security controls and assessing the impact of changes to IG’s IT environment.
Take an active role in external projects as the security SME, ensuring that operational security issues are considered and addressed appropriately.
The way we work:
We also think hard about our ways of working as a company. At IG Group, we’ve set out five target behaviours that we expect everyone to strive to achieve in all that we do:
Lead & Inspire: Leading teams in a way that drives trust, alignment, and enthusiasm;
Think Big: We focus on the problems that most move the needle of commercial outcomes;
Champion the client: We always keep the client's needs front of mind and deliver as much value for them in all that we do;
Deliver at pace: We work to ensure nothing stands in the way of fast delivery of sustainable growth for our business; and
Raise the bar: We raise the bar by taking ownership of outcomes and being accountable for making things better across IG.
What you’ll need:
This is an experienced role, and therefore candidates are expected to convincingly satisfy most of the listed requirements. Successful candidates will demonstrate an independent and self-motivated approach to continuing the development of their skills and knowledge.
4 - 10 years of experience within operational IT or security roles, with a minimum of 2 years in a SOC.
Deep familiarity with one or more SIEM tools.
A strong understanding of technical IT concepts is required, including:
Windows and Linux operating systems and system administration
Networking, including TCP/IP and other common protocols
Microsoft Active Directory
Command line interfaces and scripting
An understanding of the role, benefits and downsides, and standard use cases of technical security products, such as firewalls, anti-virus, web proxies, SIEM, IDS/IPS, DLP, and EDR.
Familiarity with vulnerability scanning and penetration testing tools and techniques.
Qualifications:
A university degree in one of the following fields is preferred (but not required):
Cyber / Information Security, Digital Forensics, Ethical Hacking
Computer Science, Software Development, Network Engineering
Mathematics, Physics and other STEM subjects
Other desirable certifications include: CISSP, CEH, CREST, OSCP, Security+, Network+, CySA+, and vendor certifications for Microsoft, Linux, cloud, networking or security products.
The perks:
It really is more than a job. We’ll recognize your talent and make sure that you can still have a life – at work, and outside of it. Networks, committees, awards, sports and social clubs, mentorships, volunteering opportunities, extra time off… the list goes on.
Competitive salary
Flexible Benefits Package on top of your salary (12%)
Private medical cover for you and your family
Life insurance
Contribution to gym memberships
25 days holiday, with 1 additional day off to celebrate your birthday and 2 additional days off a year for voluntary work (28 in total).
The option to buy or sell holiday days.
Unlimited access to the LinkedIn Learning Platform
A comprehensive global and local onboarding process
Employee-led LGBTQ+, Women’s, Black and Parents & Carers networks with an annual budget for organising events & projects that foster an open, diverse and inclusive culture
Option to participate and create ESG initiatives based on IG Brighter Future Fund
Enhanced primary (maternity), secondary (paternity), and shared parental pay and leave, as well as a range of support and benefits for parents
Where you’ll work:
We follow a hybrid working model; we reckon it’s the best of both worlds. This model also feeds into our secret ingredients for innovation: diversity, flexibility, and close connection.
Plus, you’ll be welcomed into a diverse and inclusive workforce with a lot of creative energy. Ask our employees what their favourite thing is about working at IG, and you’ll hear an echo of ‘our culture’! That’s because you can come to work as your authentic self. The things that make you, you – like your ethnicity, sexual orientation, faith, age, gender identity/expression or physical capacity – can bring a fresh perspective or new skill to our business.
That’s why we welcome people from all walks of life, and anyone who wants to help us realise our vision and strategy.
So, if you’re keen to connect with our values, and lead the charge on innovation, you know what to do.
APPLY NOW!