The Role
As part of the technology organisation at the Financial Conduct Authority (FCA), we run digital products throughout the organisation. We are passionate about delivering value in a fun collaborative manner and being an influencer at the heart of the global RegTech and FinTech revolutions driving the digital economy. As part of our Agile journey, we have formed Product Groups that combine our Delivery and Service functions.

As a newly formed Security Product Group, Cyber Security sits within Technology Resilience and takes end-to-end accountability for the technology roadmap and architecture, development and operational support of enterprise Security Products across the internal FCA Technology division.
The Security Operations Technical Specialist will be part of Technology – Cyber Security – Security Operations and maintains the platforms, applications and security systems that deliver enterprise security services to the organisation.

What does the role involve/What are the key responsibilities?
Involvement in Security incidents, ensuring outcomes align with business priorities and policy
Involvement in a multi-product group vulnerability management team. Ensure vulnerability management systems perform daily tasks as part of the FCA vulnerability posture.
Provide BAU Security Operations support to business processes to ensure access and change are aligned with FCA guidelines and processes

Key aspects of the work will include:
Provide technical assistance and security SME knowledge to the wider team as part of Security & Service Management activities including incident and problem management, risk management and mitigation.
Support Cyber Security colleagues and Product Groups with Security incidents and ensure attack surface reduction.
Provide wider Security SME support to the Product Groups and wider Information Security community.
Supporting operations out of hours as part of an on-call rota

What will the candidate get from the role?
We work in small cross functional, self-organising and autonomous teams, passionate about delivering value and having fun.
We like to work smart, not long hours.
We enjoy having a sense of purpose in our job, knowing that we’re serving those in need.
We don’t do micro-managing; we hire people because we believe they are brilliant in getting the job done.
We love diversity.
We admire and look out for servant leaders who have exceptional critical soft skills.
We believe in innovation, not prescription

Skills/Experience Required
We’re a signatory to the Government’s Disability Confident scheme. This means that we will offer an interview to disabled candidates entering under the scheme, should they meet the minimum criteria for a role. A minimum criterion needs to be measurable from reviewing a candidate’s CV. Exceptions may apply if, due to the volume of applications, we are not able to interview all eligible candidates who qualify under the scheme.

Minimum:
Strong experience of working in a Security Operations role supporting enterprise security services, products and architecture.
Strong interest in Cyber Security with relevant recognised security certification: CISSP and Microsoft security certifications such as SC/, MS, AZ
Have, or be willing and able to obtain HMG SC Clearance.

Essential:
Strong Cyber skills and experience. Ability to act as an SME within an incident and management of minor incidents, involvement in problem investigations, undertaking patching & release management activities in addition to managing product risks & mitigation activities.
Previous experience in Security Operations, preferably 3+ years as a Security Analyst or similar
Thorough working knowledge of Operating Systems, Cloud and Data Centre technology
Strong understanding of network security, Firewalls, IDS and Proxy technology
Strong understanding of Azure and O security roles and technology, Sentinel experience is a bonus
Technical security knowledge and exposure to relevant technical architecture, environments, platforms, software industry and business practices.
Good knowledge and demonstrable experience of Information Security principles, tools, processes and procedures
Experience of working collaboratively with internal teams and external IT Partners.
Experience of coaching others to improve security knowledge

Desirable:
Experience working in the financial services industry
Sentinel and O ‘hunting’ skills
Service Design and Transition experience & knowledge
Good understanding of Security frameworks, e.g. MITRE, NIST, CIS
Good communications skills (both oral & written) and comfortable engaging at all levels including Senior Management.
Previous experience in security operations including responding to SIEM/SOC alerts, EPP/EDR alerts, O Defender alerts and providing support to security services such as Privileged Access Management, SIEM, Identity Governance & Administration, PKI, Vulnerability Scanning