Senior Security Operations Analyst
Bengaluru - Unit 3, India
Management Level
F
Role Summary
The Senior Security Operations Analyst will play a lead role, assisting the Head of Security Operations, in a team of up to 13 staff delivering these activities. They will report directly to the Head of Security Operations. They will contribute to all aspects of the Company’s operational security strategy and programme, as appropriate to demand, workload, skills and experience.
Core Duties/Responsibilities
- Conduct regular compliance reviews of actual practice in teams across the IT organisation against defined operational IT security processes.
- Ensure that operational security processes are adjusted as security needs or the Company’s business change.
- Identify potential for improvements in cost efficiency in the main operational security activities and provide feedback to the CISO and Head of Security Operations to instigate projects and initiatives that seek to achieve these improvements.
- Monitor quality of service and quality of security control targets and metrics with all non-security teams throughout the Company engaged in operational IT Security activities.
- Participate in requirements definition, acceptance and implementation of projects and initiatives that are developed by GIS for the infrastructure and tools that support the main operational IT Security activities.
- Identify and conduct IT Security Monitoring and Testing activities to the appropriate quality of service and security. In particular this involves working with the Company’s external security monitoring partner to ensure complete, effective and robust levels of protection through monitoring and response.
- Design & oversee the implementation of sound security management practices and controls for day-to-day access security administration and monitoring by other business and IT teams.
- Monitor for, respond to, mitigate impact of, take remedial action during, and define lessons learnt from, information security incidents, gathering input from other information and IT security teams.
- Own and manage vulnerability identification across the EQ estate.
- Analyse scan results, validate findings, and prioritise remediation actions based on risk, exploitability, and asset criticality.
- Track remediation efforts and verify effectiveness through re-scans and reporting.
- Contribute as appropriate to IT operations and infrastructure development initiatives within Group IT from the IT security perspective.
Skills, Knowledge & Experience
The Senior Security Operations Analyst will have held previous positions as an Operational Security team leader, senior SOC analyst or Incident Responder. They should have accumulated at least 4 years’ relevant experience in a role in industry or an IT or security services provider.
Extensive experience of the following is essential:
- Managed security monitoring services and other relevant security technology vendors and service providers.
- Experience in leading incident response activity either as an individual or as an incident response coordinator.
- Previous ownership of incident response processes and procedures – including documentation, maintenance and testing of those processes and procedures.
- Demonstrable practical experience with threat hunting techniques and processes.
- A strong understanding of the Cyber Kill Chain and MITRE Framework and how these can be used to determine threat actors and identify attack mitigations.
- Technical analysis of cyber security threats and threat intelligence.
- Experience of delivering and managing operational security tooling for cloud-based environments, with significant focus on natively available controls within AWS.
- Familiarity with relevant industry cyber security standards/frameworks such as NIST CSF, ISO 27001 and CIS Critical Security Controls.
- Experience with Vulnerability Management tools (Qualys, Nessus, Metasploit, BurpSuite etc.)
- Experience managing and configuring DLP capabilities.
- Development of processes and playbooks to support Security Operations services.
- Experience with scripting (Python, Power BI) and automation tools a benefit.
- Strong organisation and communication skills a must.
In addition, the following key experience is preferred:
- Experience of delivering against similar accountabilities with global impact in an organisation of similar scale and complexity as EQ.
- Ability and motivation to work with parties inside and outside the security community through a cooperative, interactive, trustful and respectful approach.
- A “doer” with capacity to drive relevant activities personally.
- Broad general knowledge of good information security practice.
We are committed to equality of opportunity for all staff and applications from individuals are encouraged regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships. Please note any offer of employment is subject to satisfactory pre-employment screening checks.