Senior Analyst - Cyber Security

Job Description

Role purposeReporting into the Head of Cyber Control Centre, this role will encompass defending Travelex against Cyber threats. This has a dependency on optimising our technology to be based on sound Cyber security principles in order for us to accurately manage and defend any such attack placed upon the organisation.Cyber Security is seen as a key strategic pillar within the organisation as the methods attackers use evolve Travelex recognises the requirement to remain dynamic in its defence against such threats. This is a hands-on role with responsibilities covering our global geography, as such this requires a candidate that is not only technical in nature but is also able to provide thought leadership and to effectively assist the company in attaining and maintaining its appropriate cyber security appetite. This role sees the ideal candidate supporting the cultural direction and to assist the organisation to achieve its strategic goals.Key accountabilitiesAssurance

• Ensure new systems comply with Cyber Assurance standards and exceptions are documented and authorised.
• Provide oversight for internal and external audits and incidents. Represent Travelex for area of expertise to regulators and customers.
• Provide consultancy into the business for all related matters.
• Proactively assess risks and recommend mitigation solutions.

Relationship management

• Develops and maintains robust relationships with key business stakeholders to ensure assurance analysis is visible and in line with agreed customer expectations.
• Ensures the smooth integration of new assurance standards.
• Raise awareness and profile of Cyber across the business at all levels.

Experience and personal qualitiesManagement information

• Writes and speaks fluently on all aspects of work and communicates effectively with all levels of management.
• Produces accurate, timely and relevant MI for the Head of Cyber Operations, CISO and the team as required.

Communication

• Writes and speaks fluently on all aspects of work and communicates effectively with all levels of management.
• Responsible for pro-active and regular communication with other areas of IT and the business in relation to Assurance analysis.
• Actively communicate and seek feedback from colleagues and customers.
• Play a participative part in Team Briefs.
• Be proactive in the provision of feedback and the delivery of ideas to develop and improve the Assurance service.
• Ensure feedback to line manager outlining general activities of role and how we are doing .

General

• Undertakes any necessary training associated with the duties of the post and participates in training and development procedures.
• Complies with all Company Health and Safety policies and legislation in the performance of their duties and responsibilities.
• Maintains confidentiality and observes data protection guidelines.
• Carries out any other reasonable duties commensurate with their capability.

Essential

• At least 5-8 years experience of Cyber security / operations in a global organisation
• Should have prior experience in SOC, investigating security incidents and performing RCA of such incidents.
• Should have prior experience on atleast 3-4 tools, such as Tripwire, CyberArk, Symantec DCSA, Email gateway, EDR, Tufin or any other firewall audit tool and Nessus.
• Should have clear understanding of Network and its concepts. Must have good knowledge and understanding of firewall rule base analysis and suggest remediation based on the findings.
• Should be able to handle all security alerts Review the alerts and respond accordingly. This involves working with different groups and ensuring that all the alerts are closed in a timely manner.
• Should be able to contribute toward Threat Intelligence & brand monitoring process, which involves researching, & reporting on newly identified vulnerabilities in the wild and understanding its implication on Travelex infrastructure.
• Should have basic working knowledge on firewalls, IDS/IPS.
• Should have experience in managing security incidents/breaches and perform investigations/reporting as required.
• Should be ready to work in rostered On-Call support model (Support after Office hours / weekends/holiday).
• Ability to communicate effectively at all levels and to influence key stakeholders.
• Professional approach with a confident assertive style.
• Ability to build & maintain strong relationships with peers and colleagues.
• High level of quality focus.
• A Can Do attitude
• Experience in investigating security alerts from SIEM, investigating phishing/malicious emails.
• Strong knowledge of Information security Concepts (e.g. Operating System Security, CVSS score, Malware/Virus/Trojan, Cryptography, Vulnerability, Secure/Insecure ports and services etc.)

Desirable

• Financial Services industry experience.
• Familiarity with IT concepts
• Certification such as CEH, CCNA Security, Security, CHFI, etc.
• Awareness of IT Security Compliance (PCI DSS, Data Protection Act, Sarbanes Oxley, ISO17799, etc)
• Educated to degree level (or relative experience in the field)

,

Keyskills :
data protection actit securitycyber securityexternal auditcyber operationsgeneral activitiesthought leadershipsecurity compliancethreat intelligenceinformation securityccna securityoncall support