As a Senior Security Analysts within Admiral’s Information Security Department you will be responsible for monitoring, investigation and containment of security events whilst also conducting threat hunts when no alarms are present.
The Security Analyst team is responsible for monitoring and analysing an array of security tooling such as the SIEM, AV, firewalls and IDS for both on-prem and cloud deployments.
You will also be mentoring Tier 1 analysts and be the primary port of call of escalations from our 3rd party MSSP.
Responsibilities
- Monitor security applications and investigate subsequent alerts/alarms
- Work with the other security/IT teams to investigate, contain and remediate cyber security incidents
- Develop new cyber alerts for deployment to the security tooling to increase detection coverage
- Contribute to the security monitoring and response strategy
- Work with our ‘managed security services provider’ (MSSP)
- Act on intelligence feeds and perform threat hunting being prepared to change that assessment in the presence of new evidence
- Assist the incident response team with technical analysis and provide timely updates during an investigation
- Ensure all security events are investigated and documented to completion
- Analyse use cases and playbooks and offer improvements
- Participate in and help coordinate training scenarios to exercise processes, tools and staff across the wider security team
- Stay up-to-date on the changing threat landscape
- Support the development of junior security analysts
- Use investigation findings to recommend security posture improvements (identify gaps)
Essential Experience/Skills
- 2 years’ experience in Cyber Security; previous SOC experience beneficial.
- Understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks
- Understanding of enterprise cyber defence strategies
- Problem solving/analysis skills
- Experience investigating attacks against external and internal services
- Experience reviewing alerts and log data from a wide variety of sources
- Experience evaluating OS logs, directory services, application logs, firewall, IPS, host security, network devices, DLP in investigations
Desirable Skills
- Proficient with SIEM technologies (Security Information and Event Management e.g. LogRhythm, Splunk, ELK, Qradar, Arcsight)
- Good Knowledge of Infrastructure concepts – Such as Windows, Linux, DNS, AD and Networking
- Experience with cloud technologies
- Experience in supporting endpoint detection and response systems.
- Dedication to learning and gaining new skills
- Scaled agile
- Threat hunting
- Experience using data loss prevention tools
- Monitoring of insider threats
- One or more of the following:
- CompTIA Certification such as: Security+, CySA+
- GIAC Certification such as: GCIH, GCIA, GDAT, GCDA, GISP
About Admiral
We're Wales’ only FTSE 100 company. We have forward-thinking approaches and provide endless opportunities to test, learn and grow. There's a reason we've been named a Best Place to Work: our progressive culture, core values, and commitment to diversity and inclusion have created a working environment where people share ideas, aren’t afraid to speak up and change things, and above all, feel valued.
Admiral has grown from being a small start-up into a multi-national organisation. The company is constantly investigating new products, services and markets and is now present in eight countries with a diverse product portfolio.
Our success goes hand-in-hand with having a strong culture where we put our people and customers first. Our philosophy is simple yet effective: people who like what they do, do it better, and this, in turn, means that our customers receive the level of service and products that they deserve. Our culture is honest, open and wholeheartedly focused on four key areas:
Communication, Equality, Reward & Recognition, and Fun.
Salary, Benefits and Work-Life Balance
We do not have a set salary for this position, as it will be dependent on the successful candidate’s experience. We are happy to see CVs from all candidates who meet the requirements and will be happy to discuss the remuneration package.
At Admiral, we are proud to be a diverse business where we put our people and customers first. We have great benefits to ensure employees have a great work-life balance; it's one of the reasons we're voted no. 1 in the 2019 Sunday Times Best Big Companies to Work For in the UK. We want you to have an element of freedom to define a working lifestyle that supports this, so accommodate flexible hours wherever possible.
You can also view some of our other key benefits here; https://admiraljobs.co.uk/employee-benefits/.
#LI-LP1
