Senior Security Operations Centre Specialist

Job Title: Senior Security Operations Centre Specialist

Contract Type: Permanent

Location: Edinburgh or Alderley Park

Working style: Hybrid 50% home/office based

Closing date: 14th March 2025

This role will assure the response to a cybersecurity event or incident, taking the lead to contain the threat to the Royal London business and support the remediation activities to stabilise service. The role will co-ordinate the activities between Defence, Threat Intelligence, SOC and Engineering and be the point of contact for IT Security within the Royal London Group incident management process.

Additionally, the role will mentor the current Security Operations Centre team at analyst and specialist level. The team purpose is to minimise and control the damage resulting from cybersecurity detections or incidents, ensuring that the appropriate response controls are in place and operating as required in order to enable the identification, protection, detection, response and recovery of RLG information assets. 

It outlines how the role contributes to our purpose:

• Helping build financial resilience
• Moving fairly to a sustainable world
• Strengthening the mutual choice for customers

About the role

• All security events investigated and tracked to remediation within agreed SLA’s.
• Monitoring the IT Security phishing mailbox, conducting malware analysis of email threats.
• Proactive threat hunting & analysis of security events to identify and prevent security threats from materialising.
• Development of use cases, playbooks, policies and custom tooling to improve our security maturity. Recommend security enhancements and service improvement to help drive effective detection, containment and eradication of security risks.
• Undertake monitoring of RLG security controls, working with the Defence team to test they are operating within the expected detection guidelines.
• Security event alerting or dashboard improvements identified to deliver service efficiencies.
• Incident management, coordinating security resources and drawing on resources across the business where necessary.
• Continuous threat hunting using industry best practices, techniques & tooling.

About you

• Ability to mentor and coach a team of Cyber Security professionals.
• Demonstrable hands-on experience and accreditation in the fields of detection & response for cyber security investigations. Digital forensic experience an advantage.
• Technical security qualifications preferred e.g. Splunk - SCSCA, SSCP, GIAC - GCIH, GSEC or equivalent.
• Understand threat analysis / threat modelling.
• Experience with endpoints/EDR in an MDR.
• Ability to identify patterns, anomalies, and issues that span multiple vectors.
• Understanding of common cybersecurity threats and terminology including but not limited to phishing, malware, and data compliance.
• Proficient project management, organization, and communication skills.
• MSP/MSSP/MDR experience preferred.

Our People Promise to our colleagues is that we will all work somewhere inclusive, responsible, enjoyable and fulfilling. This is underpinned by our Spirit of Royal London values; Empowered, Trustworthy, Collaborate, Achieve. 

We've always been proud to reward employees by offering great workplace benefits such as 28 days annual leave in addition to bank holidays, an up to 14% employer matching pension scheme and private medical insurance. You can see all our benefits here - Our Benefits  

Inclusion, diversity and belonging 

We’re an Inclusive employer. We celebrate and value different backgrounds and cultures across Royal London. Our diverse people and perspectives give us a range of skills which are recognised and respected – whatever their background.