Senior Information Security Analyst

Mon 04 Jun 2018

Objective of job :

This role would be responsible for the Security operations across the group and would perform activities like reviewing threats and incidents.

Key Responsibilities :

  • Ensure Security Incidents are raised and managed in line with Equiniti defined processes. 
  • To escalate incidents and appropriately manage and record them.
  • Handling of security incidents raised by SOC provider.
  • Monitor external threat intelligence sources to assess the risk to Equiniti’s infrastructure and services.
  • Ensure risks are maintained and managed inline with Equiniti’s processes.
  • Proactively manage internal and external security services to identify threats to Equiniti infrastructure and services including Log Management, Manage Security Service alerts, vulnerability scanning, signature definition and reporting.
  • Conduct regular and ad-hoc vulnerability scans against our infrastructure to identify gaps and provide assurance (i.e. that we’ve patched specific exploits).
  • Be a point of contact and escalation for the Managed Security Service provider. Ensure appropriate responses, escalation and allocation of response. Define thresholds and response processes. 
  • To conduct and review information security audits of IT systems at group locations. Identify incidents, weaknesses and areas for improvement and to articulate, document and communicate these, as required, through authorised channels.  
  • To analyse reports and respond to alerts from protective monitoring systems deployed in order to monitor the use of systems and services by users, to support incident response and investigation activities and thus ensure compliance is maintained and evidenced. 
  • To track and manage identified vulnerabilities to ensure on-going visibility of issues through to mitigation, and to report on the status of identified vulnerabilities.
  • To support the ongoing capture and submission of information security management metrics to support the continual improvement of the ISMS and identification of incidents and weaknesses.
  • Should be willing to work US hours

Qualification & Skills :

Mandatory

  • Experience of working within the IT industry, delivering support services and/or projects within a fast-paced, highly client-focused organisation.
  • Ability to demonstrate experience in Security Operations environments
  • Experience of managing a small team across site boundaries
  • Knowledge of information technology related to information security systems and software, networks and database technologies 
  • Knowledge of threat / vulnerability trends in Cyber Security
  • Knowledge of Information Security policies, procedures and practices 

Desirable

  • Knowledge of forensic processes and procedures
  • Experience liaising with third party managed service providers
  • Experience of incident management

 

Personal Traits

  • Excellent People management skills
  • Excellent communication skills oral and written
  • Process oriented
  • Desire to learn and ability to quickly implement learnings, train and coach team mates
  • Expert/advanced Troubleshooting skills
  • Good Team player but also able to work as an individual
  • Highly motivated and ambitious
  • Ability to manage work as per the targets provided
  • Ability to work in a virtual and remote environment. 

Trust 

  • Acts with integrity and high personal standards in dealings with others.
  • Treats others with respect, openness, honesty and fairness (empathy).
  • Says what they mean; walks the talk.  
  • Accepts responsibility rather than apportioning blame. 
  • Creates the right blend of support and challenge – for self and others.
  • Maintains the organisation’s reputation for high standards of business conduct. 

Client Focus

  • Adds values and builds true partnerships.
  • Effectively manages expectations to achieve a positive outcome.  
  • Takes personal responsibility for the performance of the Client relationships.
  • Makes a strong positive impact and professional impression.
  • Builds effective networks (internally and externally). 
  • Effectively communicates with Clients and key stakeholders.   
  • Manages, maintains and promotes each relationship to deliver added value solutions and maximise growth potential. 
  • Probes facts and opinions to determine underlying needs and expectations to find out what Clients/Customer’s really need today and identify future requirements.   
  • Pro-actively manages all stakeholders throughout contract renewal and tender processes.  
  • Motivate others to meet and exceed customer service standards by creating the right working environment and relationships.

Belief 

  • Is passionate and believes in what we do and who we are. 
  • Champions collaboration across the business for the benefit of Clients and Customers.
  • Maintains their motivation and commitment, despite changes in direction.
  • Consistently demonstrates the Equiniti Group Values, even under pressure.

People

  • Acts as a role model to others.
  • Positive, enthusiastic and supportive of others.
  • Promotes teamwork and works effectively with others to achieve own and wider business goals.
  • Leads in sharing good practice, knowledge and experience with others.
  • Embraces challenges and responds quickly and positively to change.
  • Is receptive, flexible and resilient.
  • Adopts personal style to suit the situation and needs of others.
  • Leads, coaches and develops others to reach their full potential. 

Excellence 

  • Passionate about delivering service excellence and putting the Client / Customer first.
  • Works hard to get it right first time and keep promises and commitments to others.
  • Pro-actively takes actions and works with others to enhance our performance and reputation.
  • Takes ownership for problems and finds solutions.
  • Constantly searches for opportunities to add value and reduce costs for the Business and Clients.  
  • Continuously learns and improves from experience and shares this with others.
  • Involves and leverages knowledge of others in decision making and problem solving.
  • Makes decisions by evaluating options and uses commercial and market awareness to make appropriate recommendations.
  • Effective use of own time and commits to realistic deadlines.

Task description :

  • Security Alert Incident Management.
  • Monitor Security Threats.
  • Manage proactive activities to mitigate security threats.
  • Coordinating vulnerability scanning and testing activities with external partners.
  • Liaise with Managed Security Services partner monitoring and respond to security events.
  • Internal Information Security Audits.
  • Protective Monitoring.
  • Vulnerability Management.
  • Information Security Metrics.