Security Operations Analyst
Context and main purpose of the job:
Why are we recruiting for this role?
Office 365 cloud services have introduced an enhanced set of security tools to protect, identify and respond to security events. These additional capabilities require a specialist expert to own, manage and develop security operations processes to maintain the NAO’s security posture.
Who are the team?
The Security Operations role is split between the Infrastructure Operations team and the Information Assurance team. The Infrastructure team is responsible for the maintenance and support a broad range of cloud based and on-premise hosted services. The Information Assurance team manages security risk.
What are the main responsibilities of this role?
You will need to respond to both security incidents and events logged by staff members, monitoring tools and security partners. You should have had a good knowledge of security concepts and an understanding of how to analyse and respond to appropriate incidents. You need to be able to communicate effectively with all levels of users both orally and in writing. Delivering a high level of customer service to agreed standards
As part of the daily schedule you will be collating information from monitoring tools as well as third parties to provide an accurate view of the current security position of the organisation. You will also need to educate and advise team members on the handling suspicious emails.
You will be required to use your initiative, research and problem-solving skills to resolve problems and issues and create written documentation where required. The role requires a good grounding in computer systems and network security, and requires the ability to adapt to new technologies, learn new procedures, determine the source of problems, come up with both tactical and strategic solutions.
Full information about the role and responsibilities can be found in the attached job description.
Key skills/competencies required:
- Extensive IT experience, particularly within an IT Security, Cyber Security or Security Operations role
- Experience with Microsoft Cloud Services (in particular Azure and Office 365)
- Strong experience in Enterprise or Cyber Risk Management
- Strong experience in two or more of the following security domains:
- Identity & Access Management
- Network Security (e.g. Firewalls, IDS/IPS, Proxy, Internet Filtering etc)
- Email Security
- Endpoint Security
- Encryption & Cryptography
- Application Security
- Vulnerability Management
- Open source intelligence
- Digital Forensics
- Incident handling
- Strong experience with two or more of the following toolsets:
- Security Incident & Event Management (SIEM)
- Vulnerability Management Tools
- Data Loss Prevention (DLP)
- Intrusion Detection / Prevention Systems (IDS/IPS)
- Anti-Malware tools (such as Windows Defender or McAfee)
- Highly motivated and keen to learn new skills
- Strong analytical skills in order to identify threats/risks/vulnerabilities and perform root cause analysis
- Curious and keen to explore problems to their resolution
- Excellent communication skills (written and verbal)
- Strong stakeholder engagement skills.
Full details of the required competencies can be found in the attached job description.
You must be a UK, Commonwealth, EEA or Swiss national to comply with Civil Service nationality rules and must hold a valid work permit. We are not able to sponsor work visas.
- To apply candidates should provide an up to date CV and covering letter setting out briefly why you are suitable for this role.
- Application deadline is 31/05/2019
The NAO welcomes applications from everyone. We value diversity in all its forms and the difference it makes to our organisation. By removing barriers and creating an inclusive culture all our people have the opportunity to develop and maximise their full potential. As members of the Business Disability Forum and Disability Confident Scheme we guarantee to interview all disabled applicants who meet the minimum criteria.
The NAO supports flexible working and is happy to discuss this with you at application stage.
This Program / Vacancy is closed to applications.