Red Snapper Recruitment are currently recruiting on behalf of our policing client based in West Mercia for a Senior Security Operations Analyst
This is a permanent position paying £46,674 per annum, office-based in Hindlip with 2 days of remote working.
The Senior Security Operations Threat Analyst will assist in the control and monitoring of the Digital Services security services and underlying technologies.
They will proactively hunt for threats within our environments, ensure the monitoring and analysis of incidents to protect People, Technology, Data and Process, address all security incidents and ensure timely escalation in line with local and nationally set policing security standards.
They will engage in cyber defence capabilities to identify potential threats, delivering strategic reports and strategies to minimise the impact of those threats, and provide monitoring of the vulnerability management solution and other security-related tooling.
Main duties and responsibilities
- To provide technical security operational advice and associated assurance to all Digital Services-based projects and other technical Digital Services activities regarding security controls and monitoring.
- To be a key team member in operational technical security on behalf of Digital Services, reporting into the Security Operations Manager (SOM).
- Actively develop processes to strengthen the current Security Operations Framework, following policies and procedures to address emerging and changing threats.
- To work with the wider Digital Services team acting as a key contact in data gathering, threat hunting and mitigation planning.
- Undertake daily threat hunting and analysis of security devices to identify unknown threats, using security and vulnerability management tools.
- To carry out threat management and threat modelling, identifying threat vectors and developing use cases for security monitoring.
- Create security incident tickets within the ITSM tool and manage security-related incidents through to completion.
- To create reports, dashboards and metrics for security operations and present them to the Security Operations Manager and other senior managers.
- Constructively contribute to internal security forums, ensuring that Digital Services security actions are in line with organisational priority and need.
- Ensure that technical security measures in place for our ICT systems are aligned to nationally set policing security standards, keeping up to date with changes driven by the National Police Technology Council, NCSC (National Cyber Security Centre), and other relevant public bodies.
- Provide technical input for accreditation required as part of access to secure policing and/or government environments.
- To support the SOM and other Digital Services senior managers on operational ICT continuity and recovery testing and associated activities.
- To provide patch management support to users, endpoints, and appliances, ensuring all patching is completed in line with agreed SLAs (Service Level Agreements) and to an agreed schedule.
- To provide technical assistance and be a liaison for independent technical security health checks (penetration testing), taking responsibility for ensuring the timely implementation of agreed remedial actions.
- To monitor the organisation's security services that are in place for intrusion detection, prevention, and mitigation, linking in with the National Monitoring Services provided by Police Digital Services to assist in the review of current and emerging threats.
- Maintain a level of responsibility for technical investigations of cyber-security or professional standards incidents impacting West Mercia.
- To undertake impact assessments of new legislation, threats, ICT suppliers, and solutions, and to initiate new or changed ICT security controls, protocols, or procedures, in conjunction with the SOM.
- Increase maturity and knowledge of the security operations team, help improve the skills of others, act as a mentor to the security operations team and wider digital services team in areas of operational security.
- To function as a resource for the SOM to take on other security or ICT related responsibilities that would assist in prevention and protection from operational threats.
Person Specification
- To be educated to diploma level (Level 5) in an ICT related discipline or equivalent experience.
- Working towards or qualified in one or more recognised Security Qualifications such as ISC2’s Certified Information Systems Security Professional (CISSP) and/or HMG’s CESG Certified Professional (CCP), or equivalent academic or professional security qualification.
- Microsoft Azure SC-200 or other vendor qualifications for threat hunting, such as CrowdStrike University Falcon 302 or Trend Micro Next-Gen Cyber Defence.
- Knowledge and understanding of Industry Best Practice and relevant guidelines such as ITIL 4 Foundation.
- Knowledge of current Information Technology Standards and Techniques (including ISO 27001 series, HMG’s Cloud Security Principles and Cyber Essentials).
- Significant knowledge and understanding of the technical security threats and trends that impact upon information security.
- Knowledge of the MITRE ATT&CK Framework for cyber threat detection, investigation, and management.
- Experience of being involved in technical security and providing associated expertise to projects, activities, colleagues, and senior management.
- Experience in coordinating penetration and other security testing and ensuring completion of any agreed remedial action.
- Experience in threat hunting and threat analytics, making use of security applications and tooling to identify new threats.
- Experience working with SIEM and EDR tooling.
- Experience with monitoring and securing on-premises and cloud-based solutions.
- Experience using vulnerability management solutions such as but not limited to Tenable SC/Nessus.
- Experience in reporting and managing threats and other IT incidents.
- Experience managing sensitive enquiries confidentially.
- Experience consulting with wider IT teams and external entities.
- Experience working with modern security detection and prevention technologies, including cloud-based solutions such as Microsoft Defender.
- Experience in providing patch releases, patch schedules and patch deployment coordination.
- Knowledge of disaster recovery and continuity exercises and the relevance of these within the modern IT landscape.
If this role is not for you but you do know somebody who would be interested please refer them. We have a referral bonus scheme and will pay £75, in retail vouchers of your choice, for referrals who are not already known to us.
Due to the high volume of applications received, if you do not hear from us within 7 working days, I am afraid your application has been unsuccessful.
RSR is a public safety & enterprise security recruitment specialist.
We assist public safety employers find the right talent.
We assist all employers when they want to source public safety and enterprise security skills and experience.
Red Snapper Recruitment is a member of the Red Snapper Group.
The Red Snapper Group acts as an employment agency (permanent) and as an employment business (temporary) – a free and confidential service to candidates.
The Red Snapper Recruitment Group is an equal opportunities employer.