Cyber Security Operations Analyst - #1714317
Standard Life Aberdeen
Job Description
At Aberdeen, our ambition is to be the UK’s leading Wealth & Investments group.
Strengthening talent and culture is one of our strategic priorities. We strive to make Aberdeen a great place to work so that we can attract and retain the industry’s best talent.
Our people put our stakeholders at the heart of everything they do by helping us to make a positive difference to the lives of our clients, customers, colleagues, shareholders and society.
We are focused on growing our direct and advised wealth platforms and repositioning our specialist asset management business to meet client demand. We are committed to providing excellent client service, supported by leading technology and talent.
Aberdeen comprises three businesses, interactive investor (ii), Investments and Adviser, each of which focuses on meeting and adapting to our clients’ evolving needs:
interactive investor, the UK’s second largest direct-to-consumer investment platform, enables individuals in the UK to plan, save and invest in the way that works for them.
Our Adviser business provides financial planning solutions and technology for UK financial advisers, enabling them to create value for their customers.
Our Investments business is a specialist asset manager that focuses on areas where we have both strength and scale to capitalise on the key themes shaping the market, through either public markets or alternative asset classes.
About the role:
Within our Security, Resilience & Protection department, an exciting and challenging opportunity has arisen for a Cyber Security Operations Analyst aligned to Cyber Defence.
Cyber Security Operations Analyst – Cyber Defence
Objective:
The Cyber Security Operations Analyst is an exciting and integral part of the Cyber Security Operations team with the objective supporting the wider Cyber Security Operations team in delivering improvements to the organisations security posture and keeping our business safe from cyber-attacks.
This role is technical and will help to deliver continuous operational security improvements across the Cyber Defence function including; Cyber Security Compliance, Penetration Testing , External Attack Surface Management , Vulnerability Management and Cloud and Network security
The role reports directly to the Cyber Defence Lead and is based in Edinburgh. The role holder will work closely with our Cyber Security Operation Centre and with other security functions as well as specialist 3rd party security suppliers and the global IT and business teams.
Key Responsibilities:
As a part of the Cyber Security Operations team, this role will support:
Server, Endpoint and Cloud Security Compliance, Managing Policy Compliance scanning and reporting and Azure Policy compliance
Ticket triage & response, managing the Information Security Queue in relation to Cyber Defence tickets
External Attack Surface Management, Using our various toolsets to assess and understand our external attack surface and raise actions for technical teams to remediate or mitigate risks..
Vulnerability Management, including deploying scans, prioritising based on context, and operating remediation workflows
Penetration testing governance, including the scoping and scheduling of external penetration testing suppliers, the coordination of remediation actions and hands-on internal application and system testing
About the candidate
IT Security/Information Security knowledge, to identify and respond to cyber security incident.
Experience with security tools, such as IDS/IPS, vulnerability scanners, AV, web and email filtering, webapp firewalls and DDoS protections, host-based protections and malware analysis engines, Pen testing and offensive security tooling.
Familiarity with common enterprise technologies e.g. Microsoft, Linux, VMWare, Citrix
Solid understanding of computer networking concepts and standards, including Network device & Firewall Hardening
Passion for security and self-development to keep up to date with the evolving threat and vulnerability landscape, new technologies and service improvements
Good understanding of Cyber Defence Concepts including vulnerability risk scoring, remediation and mitigation methods. Configuration compliance methodologies
We’re committed to providing an inclusive workplace where all forms of difference are valued and which is free from any form of unfair or unlawful treatment. We define diversity in its broadest sense – this includes but is not limited to our diversity of educational and professional backgrounds, experience, cognitive and neurodiversity, age, gender, gender identity, sexual orientation, disability, religion or belief and ethnicity and geographical provenance. We support a culture that values meritocracy, fairness and transparency and welcomes enquiries from everyone.
If you need assistance or an adjustment due to a disability please let us know as part of your application and we will assist.
How to apply
To apply for this job you need to authorize on our website. If you don't have an account yet, please register.
Post a resumeSimilar jobs
Embedded Linux Field Engineering Manager
Product Analyst
