Security Operations Analyst at Orion Health focusing on monitoring and maintaining security tools while collaborating with teams. Engaging with real - world threats and enhancing operational security processes.
About the role
- Overseeing Security Operations Team's strategies and implementations for interactive investor. Ensuring protection of key business assets through analysis and incident response.
Responsibilities
- Manage the internal ii Security Operations Team (SecOps) in day-to-day activities overseeing the management, strategy, and direction of our SIEM solution, EDR solutions and security incident management.
- Monitor the security landscape, collate reports, evaluate trends and threats against our security posture, and coordinate remediation where required
- Management of our external Security Operations Centre (SOC) and oversight of our SIEM solution.
- Responsible for the security incident process owning incident response, investigations, and lessons learnt.
- Analyse security systems / reports to identify trends and drive secure behaviours throughout the business.
- Lead on a threat intelligence, detection, and response programme of work.
- Lead the SecOps team on proactively identifying, Investigating, and hunting potential attacks and security risks on networks and systems using various platform dashboards and threat feeds.
- Lead the team on analysis of security events as detected by security controls.
- Management of Endpoint Detection and Response (EDR) - overall ownership and maintenance of agents, creation of exception rules, and reacting to alerts.
- Play a lead role in coordinating and directing team efforts during incidents and ensuring prompt escalation
- Oversee the vision and strategy of the Security Operations function, evolving the technology and maturity of the team.
Requirements
- 5 + years in a cyber security role.
- Ability to manage a SecOp’s team.
- Ability to define a Security Operations strategy overseeing initiatives to fruition of that strategy.
- A deep understanding of technical and network security requirements.
- Strong analytical and troubleshooting skills
- Ability to proactively identify control weakness and vulnerabilities
- Ability to decipher different types of malware and a knowledge of how to deal with it.
- Knowledge and use of SIEM tooling i.e. Google Chronicle.
- Experience in using the MITRE ATT&CK Framework to understand adversary actions and resulting mitigation techniques.
- Excellent attention to detail.
- Ability to remain calm under pressure and clearly communicate to all levels of management.
- Experience in understanding Firewalls and IDS/IPS and Windows Security Event Logs.
- Strong verbal and written communication skills with the ability to articulate complex ideas in easy to comprehend business terms
- Ability to quickly understand existing infrastructure, network security principles, data flow and security architectures.
- Knowledge of the fundamentals of cloud infrastructure as well as traditional technologies.
- ·Degree in IT / Cyber preferred or industry recognised qualification.
Benefits
- Group Personal Pension Plan – 8% employer contribution and 4% employee contribution
- Life Assurance and Group Income Protection
- Private Medical Insurance – Provided by Bupa
- 25 Days Annual Leave, plus bank holidays
- Staff Discounts on our investment products
- Personal & Well-being Fund – Supporting your physical and mental wellness
- Retail Discounts – Savings at a wide range of high street and online retailers
- Voluntary Flexible Benefits – Tailor your benefits to suit your lifestyle
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Senior Global Security Analyst overseeing physical security operations at Dolby’s San Francisco headquarters. Collaborating with global partners to strengthen safety systems across Dolby locations.
Director overseeing integrated security operations, focusing on SOC management and cyber defense strategies for a fintech company in Canada.
Security Operations Engineer protecting Notion’s systems and users by investigating and responding to security events. Collaborating with a global team to enhance security processes and protocols.
SecOps Engineer at Aristocrat maintaining security for innovative iGaming platforms and collaborating with cross - functional teams. Focused on AWS services security and compliance assessments.
Cybersecurity Incident Response Analyst handling security events and incidents at Var Group in a hybrid work environment. Focused on ensuring response to security incidents and improving security processes.
Cybersecurity Incident Response Analyst handling security incidents and threats. Working in a hybrid environment at Yarix, a leader in digital evolution.
IAM Security Ops Analyst overseeing access management for clinical trial applications at Syneos Health. Collaborating with IT and compliance teams to enforce IAM policies and improve operational performance.
Fraud Operations Group Manager responsible for managing fraud management policies in the Operations Services team. Leading teams in minimizing fraud impacts while ensuring compliance and operational objectives.
Information Security Analyst responsible for security operations, threat hunting, and incident response at Bellinati Perez. Involves collaboration with internal teams and use of advanced security tools.