Security Operations Analyst - London, United Kingdom - RBW Consulting

    Description
    We present an exciting opportunity to join a prominent organization in the financial services sector. They actively seek an experienced Security Operations Analyst to ensure the company's adherence to security standards.

    Collaborate with technology and business teams to implement security processes, technologies, and controls, serving as the authority for security-related inquiries.

    Define, design, implement, and maintain security solutions tailored to the business's requirements.

    Support the definition, execution, and continuous improvement of key cybersecurity processes, including vulnerability and patch management, security incident response, monitoring, endpoint security, identity and access management, network security, and cryptography.

    Assist in developing and maintaining security policies, processes, incident response management plans, and playbooks.

    Provide expertise on security requirements for core technology processes, such as asset management, change management, third-party management, technology development and acquisition, configuration management, etc.

    Contribute as a team member in projects and change initiatives aimed at enhancing enterprise security capabilities, such as identity and access management, log aggregation, etc.

    Minimum of 3 years of experience in a Security Engineer/Analyst role, focusing on designing and implementing security solutions and managing security infrastructure.

    Previous experience in a financial services environment with a working understanding of relevant regulations.

    Experience and in-depth technical knowledge of deploying, maintaining, and configuring various security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.).

    Knowledge of TCP/IP and related network protocols, including standard protocols like TCP, ARP, ICMP, DHCP, DNS, SNMP, VPN, etc., and proficiency in accompanying protocol/packet analysis/manipulation tools.

    Understanding of key operating systems and network appliances, with the ability to assess their security posture based on their configuration and deployment.

    Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM).

    In-depth knowledge of Operating System security and system hardening concepts, such as CIS Benchmarks.
    Experience in working with information security frameworks and regulatory requirements, including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials.
    Experience in general IT audit processes and conducting risk assessments.