We are SCC – Specialist Computer Centres – Europe’s leading provider of IT services and solutions. Demand for our Data Centre services continues to grow both from existing and new customers creating a real career opportunity for a talented individual to join our Information Security team in our Birmingham Data Centre.
Overall Job Purpose:
The security of information is critical to the ongoing success and reputation of the SCC Secure Data Centre Services business. The role of Security Operations Analyst will offer the successful candidate an exciting opportunity to work closely with the business across a broad range of activities (projects, new product developments, business processes & stakeholder advice) to ensure that information is used in a secure and appropriate manner.
This is an opportunity to work in a challenging and fast-paced environment, on a subject matter that is key to the ongoing success of the SCC Group of companies.
Essentially the role will provision operational security capability, covering a range of tools, services and information, to manage and monitor the security posture of the IT environment; and to provide security incident handling. You will have responsibility to provide quality and accurate reporting on security alerts arising from Security Information & Event Management systems (SIEM).
The role will be responsible for analysing network, application and system log events in order to identify any potentially abnormal system behaviours and raise them as incidents for investigation. These will then be investigated with supporting teams to establish whether they are expected events or a security threat, in which case they will be escalated to appropriate customer or technical resources for remedial action.
The role of Security Operations Analyst will also form part of the core security team that delivers and drives continual service improvement across the internal SOC function covering Data Centre Services and SCC customers, ensuring delivery of best-of-breed, compliant security services in the most effective and efficient manner.
Main Duties of the Job:
Monitor the organisation’s infrastructure for security breaches and investigate a violation when one occurs. Act as the initial analytical reference point for identifying and then quantifying the nature and extent of an attack and offer initial professional advice relating to possible business impact.
Prepare reports that document security breaches and the extent of the damage caused by the breach. Monitor, log and review security incidents and ensure correct closure.
Maintain and support the operational integrity of SOC toolsets, in particular the SIEM Platform.
Advise on incident containment measures.
Contribute to digital forensic investigations, assisting with data capture and analysis.
Collaboration with IT technical teams to deliver Information Security services and improvements
Develop security standards for integration with the SIEM platform
Research the latest information technology (IT) security trends
Be familiar with relevant SCC related procedures and policies (acceptable use, data protection, freedom of information, information security, purchasing etc.) and advise colleagues and end-users accordingly.
Perform other essential Information Security duties as assigned
Security Operations Analysts must continually adapt to stay a step ahead of cyber attackers. They must stay up to date on the latest methods attackers are using to infiltrate computer systems and on IT security. Analysts need to research new security technology to decide what will most effectively protect their organization. This may involve attending cyber security conferences to hear first-hand accounts of other professionals who have experienced new types of attacks.
The role will not have any direct reports but will be required to work and organise personnel to assist in Security Incident Management and Remediation whilst also being supportive to other departments within the business.
Skills, Knowledge and Experience:
- Experience of working within a security monitoring environment
- Ability to disseminate the right level of technical or solution information intended for the correct audience
- Managing own workload, ensuring work is delivered on time, and to the required quality
- Experience in delivering solutions using new and emerging technology/policy and IT security industry best practice
- Technical knowledge and understanding of information security landscape
- Experience with using service management tools (Assyst/ServiceNow)
- Experience of ITIL v3
- Demonstrate a logical approach to service delivery
- Ability to write documentation for various audiences and ability to select appropriate document formats
- Ability to write, produce and deliver remediation action plans.
- Excellent communication and presentational skills
- Technical understanding of key security component functionality and procedures
- Experience of communicating with and influencing peers and senior management
- Security Incident Management knowledge
- Positive personal qualities including business focus, drive, professionalism, integrity and teamwork.
- Proven analytical and problem-solving skills.
- A proactive approach to problem management and personal development.
- To have SC security clearance or be able to undergo the process of SC clearance.
- Hold a recognised Information Security qualification (e.g. CISSP, CISM) or demonstrate strong capabilities in Information Security Compliance
- A minimum of 2 years’ experience within a SOC environment
- IBM QRadar SIEM software