SOC Analyst

Role purpose

Reporting into the Head of Security Operations, this role will encompass defending Travelex against Cyber threats. This has a dependency on optimising our technology to be based on sound Cyber security principles in order for us to accurately manage and defend any such attack placed upon the organisation.

Cyber Security is seen as a key strategic pillar within the organisation as the methods attackers use evolve Travelex recognises the requirement to remain dynamic in its defence against such threats. This is a hands-on role with responsibilities covering our global geography, as such this requires a candidate that is not only technical in nature but is also able to provide thought leadership and to effectively assist the company in attaining and maintaining its appropriate cyber security appetite. This role sees the ideal candidate supporting the cultural direction and to assist the organisation to achieve its strategic goals.

Key accountabilities

Relationship management

• Develops and maintains robust relationships with key business stakeholders to ensure assurance analysis is visible and in line with agreed customer expectations.
• Ensures the smooth integration of new assurance standards.
• Raise awareness and profile of Cyber across the business at all levels.

Experience and personal qualities

Management information

• Writes and speaks fluently on all aspects of work and communicates effectively with all levels of management.
• Produces accurate, timely and relevant MI for the Head of Security Operations, CISO and the team as required.

Communication

• Writes and speaks fluently on all aspects of work and communicates effectively with all levels of management.
• Responsible for pro-active and regular communication with other areas of IT and the business in relation to Assurance analysis.
• Actively communicate and seek feedback from colleagues and customers.
• Play a participative part in Team Briefs.
• Be proactive in the provision of feedback and the delivery of ideas to develop and improve the Assurance service.
• Ensure feedback to line manager outlining general activities of role and ‘how we are doing’.

General

• Undertakes any necessary training associated with the duties of the post and participates in training and development procedures.
• Complies with all Company Health and Safety policies and legislation in the performance of their duties and responsibilities.
• Maintains confidentiality and observes data protection guidelines.
• Carries out any other reasonable duties commensurate with their capability.

Essential

• At least 4-8 years’ experience of Cyber security / operations in a global organisation
• Must have prior experience in SOC, investigating security incidents and performing RCA of such incidents. Must be used to operating within SLA's across different incident types including response times and remediation times
• Should have experience in threat hunting across multiple environments - Cloud and on-premise
• Must have prior experience on at least 3-4 tools, such as Tripwire, CyberArk, Symantec DCSA, Email gateway, EDR, Tufin or any other firewall audit tool.
• Experience with penetration testing tools and vulnerability management such as Nessus, Rapid7, Kali Linux, NMAP, OWASP-Zap, BurpSuite Etc
• Must have experience in using SIEM products such as Qradar, Logrhythm, AlienVault, Sentinel, Accenture MSS etc., creating advanced co-relation rules, administration of SIEM, system hardening, and Vulnerability Assessments
• Should have clear understanding of Network and its concepts. Must have good knowledge and understanding of firewall rule base analysis and suggest remediation based on the findings. Should have expertise on TCP/IP network traffic and event log analysis.
• Should be able to handle all security alerts Review the alerts and respond accordingly. This involves working with different groups and ensuring that all the alerts are closed in a timely manner. Must have detailed analytical skills and be able to translate findings into clear and understandable insights.
• Should be able to contribute toward Threat Intelligence & brand monitoring process, which involves researching, & reporting on newly identified vulnerabilities in the wild and understanding its implication on Travelex infrastructure.
• Should have basic working knowledge on firewalls, IDS/IPS.
• Should have experience in managing security incidents/breaches and perform investigations/reporting as required.
• Ability to find opportunities for automating repeatable tasks in order to focus on value-adding activities.
• Strong knowledge of Information security Concepts (e.g. Operating System Security, CVSS score, Malware/Virus/Trojan, Cryptography, Vulnerability, Secure/Insecure ports and services etc.)
• Must keep abreast of Cyber Security trends, attack types, risks, and intelligence.
• Must have experience in writing and maintaining SOP's

Desirable

• Should be ready to work in rostered On-Call support model (Support after Office hours / weekends/holiday).
• Strong verbal and written English communication. Ability to communicate effectively at all levels and to influence key stakeholders.
• Professional approach with a confident assertive style and strong interpersonal and presentation skills
• Ability to build & maintain strong relationships with peers and colleagues.
• High level of quality focus.
• A “Can Do” attitude
• Financial Services industry experience.
• Familiarity with ITIL concepts as incident, problem and change management
• Certification such as GCIH, CEH, CCNA Security, Security+, CHFI, etc.
• Awareness of IT Security Compliance (PCI DSS, Data Protection Act, Sarbanes Oxley, ISO17799, etc)
• Bachelors in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent University degree
• Minimum of 4-6 years of experience in the IT security industry, preferably working in a SOC environment