Security Operations Specialist
Posted on Jul 12, 2019 by CV-Library
LondonWe are looking for The Security Operations Specialist role is responsible for day-to-day Information Security within Business Services operations, and technical security matters across the business line. This will include accountability for the implementation and maintenance of operational security, mitigation of security threats to ensure that the business line is protected from the financial, customer, brand and compliance impact of current and emerging security related threats.
You will be responsible for the daily operation and management of the Security Technologies and Controls including but not limited t0, File Integrity Monitoring, Vulnerability Scanning, Security Information & Event Management (SIEM), Distributed Denial of Service, Penetration Testing, Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) and Security mitigation solutions in the Cloud
You will be responsible for the vulnerability scanning and pre-deployment processes and schedules across different platforms (e.g. Android), working with the operational teams/third parties to identify security issues and track exceptions to resolution or mitigation. You will also be responsible for the Security Incident Management process from triage to closure. This involves managing third party information sources and working with multiple ticketing systems to track and resolve incidents that are identified automatically or manually as a result of events and exceptions.
You will assist with the development and execution of the Security Strategy covering Network, IT, People, Assets and Clients. You will be on call for 2nd line escalation and incident management of security incidents and support and contribute to the following further elements of the IS program, Policies, standards & baselines , Routers & Switches , Firewall rule reviews, Change request reviews and recommendations for internal and service provider changes, Client-facing assessments, Assessments by 3rd party auditors, and ISO 27001 / ISO 20000
A high level of professional expertise in technical security with ample hands on experience.
Knowledge of Security around Web Enabled Apps and associated Server-Side infrastructure
Proven experience of implementation/delivery of technical security solutions
Considerable knowledge of cryptographic management techniques and algorithms
Experience of penetration testing/vulnerability assessment of IT assets
Knowledge of cloud computing in general and AWS cloud security in particular (desirable)
Experience of working in payment domain and with standards such as PCI (desirable)
Excellent verbal and written communication skills demonstrated by an ability to communicate with business leaders, users and tech-savvy stakeholders
Ability to communicate technical data to a non-technical audience and to explain risks that are often complex and obscure to non-specialists
Analytical and objective - able to explain, assess and evaluate risks