Job Information
Travelex SOC Analyst in IND, United States
Role purpose
Reporting into the Head of Security Operations, this role will encompass defending Travelex against Cyber threats. This has a dependency on optimising our technology to be based on sound Cyber security principles in order for us to accurately manage and defend any such attack placed upon the organisation.
Cyber Security is seen as a key strategic pillar within the organisation as the methods attackers use evolve Travelex recognises the requirement to remain dynamic in its defence against such threats. This is a hands-on role with responsibilities covering our global geography, as such this requires a candidate that is not only technical in nature but is also able to provide thought leadership and to effectively assist the company in attaining and maintaining its appropriate cyber security appetite. This role sees the ideal candidate supporting the cultural direction and to assist the organisation to achieve its strategic goals.
Key accountabilities
Relationship management
Develops and maintains robust relationships with key business stakeholders to ensure assurance analysis is visible and in line with agreed customer expectations.
Ensures the smooth integration of new assurance standards.
Raise awareness and profile of Cyber across the business at all levels.
Experience and personal qualities
Management information
Writes and speaks fluently on all aspects of work and communicates effectively with all levels of management.
Produces accurate, timely and relevant MI for the Head of Security Operations, CISO and the team as required.
Communication
Writes and speaks fluently on all aspects of work and communicates effectively with all levels of management.
Responsible for pro-active and regular communication with other areas of IT and the business in relation to Assurance analysis.
Actively communicate and seek feedback from colleagues and customers.
Play a participative part in Team Briefs.
Be proactive in the provision of feedback and the delivery of ideas to develop and improve the Assurance service.
Ensure feedback to line manager outlining general activities of role and ‘how we are doing’.
General
Undertakes any necessary training associated with the duties of the post and participates in training and development procedures.
Complies with all Company Health and Safety policies and legislation in the performance of their duties and responsibilities.
Maintains confidentiality and observes data protection guidelines.
Carries out any other reasonable duties commensurate with their capability.
Essential
At least 4-8 years’ experience of Cyber security / operations in a global organisation
Must have prior experience in SOC, investigating security incidents and performing RCA of such incidents. Must be used to operating within SLA's across different incident types including response times and remediation times
Should have experience in threat hunting across multiple environments - Cloud and on-premise
Must have prior experience on at least 3-4 tools, such as Tripwire, CyberArk, Symantec DCSA, Email gateway, EDR, Tufin or any other firewall audit tool.
Experience with penetration testing tools and vulnerability management such as Nessus, Rapid7, Kali Linux, NMAP, OWASP-Zap, BurpSuite Etc
Must have experience in using SIEM products such as Qradar, Logrhythm, AlienVault, Sentinel, Accenture MSS etc., creating advanced co-relation rules, administration of SIEM, system hardening, and Vulnerability Assessments
Should have clear understanding of Network and its concepts. Must have good knowledge and understanding of firewall rule base analysis and suggest remediation based on the findings. Should have expertise on TCP/IP network traffic and event log analysis.
Should be able to handle all security alerts Review the alerts and respond accordingly. This involves working with different groups and ensuring that all the alerts are closed in a timely manner. Must have detailed analytical skills and be able to translate findings into clear and understandable insights.
Should be able to contribute toward Threat Intelligence & brand monitoring process, which involves researching, & reporting on newly identified vulnerabilities in the wild and understanding its implication on Travelex infrastructure.
Should have basic working knowledge on firewalls, IDS/IPS.
Should have experience in managing security incidents/breaches and perform investigations/reporting as required.
Ability to find opportunities for automating repeatable tasks in order to focus on value-adding activities.
Strong knowledge of Information security Concepts (e.g. Operating System Security, CVSS score, Malware/Virus/Trojan, Cryptography, Vulnerability, Secure/Insecure ports and services etc.)
Must keep abreast of Cyber Security trends, attack types, risks, and intelligence.
Must have experience in writing and maintaining SOP's
Desirable
Should be ready to work in rostered On-Call support model (Support after Office hours / weekends/holiday).
Strong verbal and written English communication. Ability to communicate effectively at all levels and to influence key stakeholders.
Professional approach with a confident assertive style and strong interpersonal and presentation skills
Ability to build & maintain strong relationships with peers and colleagues.
High level of quality focus.
A “Can Do” attitude
Financial Services industry experience.
Familiarity with ITIL concepts as incident, problem and change management
Certification such as GCIH, CEH, CCNA Security, Security+, CHFI, etc.
Awareness of IT Security Compliance (PCI DSS, Data Protection Act, Sarbanes Oxley, ISO17799, etc)
Bachelors in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent University degree
Minimum of 4-6 years of experience in the IT security industry, preferably working in a SOC environment