SOC Analyst (ISO) / Infrastructure Support – UK
The vacancy has expired
- Salary: Competitive Salary + Other Benefits
- Location: London, United Kingdom
- Industry: Banking & Financial Services
Job Description
Job Title: SOC Analyst (ISO) / Infrastructure Support - UK
Industry: Banking
Location: United Kingdom
Salary: Competitive Salary Package + Benefits
Job Purpose:
- This is a dual role: SOC Analyst (ISO) and infrastructure support. The candidate must be able to help shape the future landscape of the Bank's infosec environment. They will assist in the development and implementation of roadmaps, data mapping and engagement that ensure the security and risk strategy meets regulatory requirements within the broad area of the Bank's frameworks (ISO) and technology standards. Attention to detail and a high level of accuracy are key.
- The InfoSec SOC Analyst will report directly to the Head of IT/CISO and will work across the business to ensure Technology is proactively used to secure the business. This person will be an enabler with an innovative attitude and a proactive, positive approach.
- The role is split 60/40 between Infosec and Infrastructure. The ideal candidate will have at least a few years of infrastructure support experience and should be comfortable understanding and supporting networks. Good knowledge of Azure, VDI and Microsoft technologies will be a great advantage.
Responsibilities:
- Collaborate with 3rd party SOC and on-prem IT teams – identifying and recommending new technologies, tools and techniques.
- Assist in pilot schemes and proof-of-concept solutions to create patterns that lead the way for future Technology systems and security processes.
- Assist in the review, development and delivery of the vision for the future-state security goals to enable the business process and Technology portfolio to closely align to the business goals.
- Work with the team on Technology Risk Assessment and Compliance.
- Providing information security assurance across business projects and solutions.
- Provide reporting to the UK and Group CISO, Board, Risk, Audit Committees, and subsidiary operations committees.
- Maintain and develop the cybersecurity framework and IT security controls while overseeing and standardizing the local implementations of the framework.
- Oversee subsidiary related SOC and incident management processes; partner with IT on the delivery of secure architecture, products and services; lead the identification, analysis, resolution and management of cyber and information security incidents occurring in the UK and worldwide, noncompliance and risks specific to the Group; and potentially lead emergency and incident response teams.
- Operationalize a vulnerability management programme with regular vulnerability assessments, risk analysis and remediation planning.
- Provide security review and due diligence on business and IT projects.
- Lead an improvement in Cyber Security maturity for the Bank using security incident management, exercises, reporting and reviewing; respond to incidents and events as appropriate to plans, and potentially lead on remediation subject to circumstances.
- Liaise and collaborate with other senior members of the team such as COOs and stakeholders to create a strategy and vision for the team and the company.
Job Requirements
Education and Experience
- At least 3 years of experience in Information Security architecture or strategy
- Certified in one or more of the following: CISSP, CRISC, CISA, CISM, PCI QSA/ISA
- Experience in Project Management (PMP and PRINCE2) is an added advantage
- Deep knowledge of or familiarity with ISO27001 or similar frameworks
- Extensive knowledge and experience working with a data centric environment to include traditional on-premises and cloud environments (Azure).
Key Competency Requirements:
Knowledge
- Knowledge of SIEM, Cisco, Fortigate and firewalls.
- Understanding of security engineering concepts, principles and theories.
- Knowledge of how to balance business priorities, information security risks, emerging threats and best practice in security application architecture to ensure the confidentiality, integrity, and availability of assets.
- Knowledge of information security frameworks such as ISO, CIS and NIST, and of encryption methodologies, vulnerability and pen testing, DLP, and Identity and Access Management.
- Operational knowledge of software such as Ivanti, Kenna Reports, Tenable, LanGuard, SCCM, etc.
- Knowledge in database management & security, Information security audit and review, risk assessments, etc.
- Use of security assessment tools, IT Audit tools, security administration, and IS security product knowledge
- Knowledge of communications, cryptography, business continuity planning, incident response and control, etc.
Skill/Competencies
- Must demonstrate strong skills to effectively work collaboratively and cross-functionally with members of the IT organization and various lines of business.
- Excellent written and verbal communication skills. Able to multi-task effectively.
- Effective in communicating issues, impacts and corrective actions.
- Ability to clearly report information relevant to sound systems security engineering design. Excellent troubleshooting and problem-solving skills.
- Analytical thinker combined with skills of thinking outside the box.
- Ability to adapt to changing priorities, handle multiple assignments, and adhere to strict deadlines.
- Ability to coordinate actions from several different teams; high level of detail orientation.
- Proven experience and desire to operate as a self-starter.
- Proven ability to map and understand complex relationships and interactions between Enterprise Architecture, business direction, emerging trends, emerging technologies, and legacy systems.