Cyber Security Level 3 Analyst / Engineer

About The Role

We now have a fantastic opportunity for a CSOC Level 3 Analyst/Engineer to join our Cyber Security Operations Centre Team, embedded within IT Operations.

The role is based at our Hereford Campus, featuring state-of-the-art facilities.

We offer a variety of workspaces, including an open-plan office, outdoor areas, and meeting pods, along with plenty of spots to relax, unwind and socialise.

We believe in the importance of in-person collaboration, but also recognise the need for flexibility. Our Cyber Security Operations Centre Team follows a hybrid working model that balances business requirements with individual flexibility. For this role, you'll be expected to work in the office 2 to 3 days per week to support team collaboration and meet business priorities.

The CSOC currently operates an on-call rota, which you will be expected to participate in. In addition, the CSOC will be driving towards a full 24/7/365 operation in the near future.

Reporting to the Cyber Security Manager, as CSOC Level 3 Analyst/Engineer, you will be the engineering lead in the CSOC function.

Your primary focus will be to ensure compliance with regulatory requirements and controls are kept up to date. You will develop and maintain all the security operations' tool sets, ensuring they are working at optimum performance, tuning and building new rule sets, and responding to engineering requests that relate to allpay's Security Information and Event Management (SIEM) system.

You will also be responsible for the automation of CSOC tasks and reporting.

Key Responsibilities:

• Ensure that systems, services, and applications are secured, monitored, and threats are detected and responded to accordingly.
• Alongside the Cyber Security Manager, form part of the TDA (Technical Design Authority) group to verify any new project work, ensuring the development and infrastructure teams introduce best practices for hardening our defenses.
• Provide ad-hoc out of hours additional support during a major incident (Severity 1 or 2) or where the business need demands it.

About You

As our ideal CSOC Level 3 Analyst/Engineer you will have the following:

Knowledge and Skills:

• Solid understanding of IT security architecture/infrastructure best practices.
• Solid understanding of CSOC progression and maturity models and strategically advise on operational current best practices which align with business goals.
• Knowledge of the operation, configuration, and maintenance of Security Information and Event Management (SIEM) systems, as well as Endpoint Detection and Response (EDR) tools.
• Skilled at creating custom Indicators of Attack (IoAs) to align with current attack vectors and threats facing the business.
• Serve as subject matter expert on incident detection and analysis techniques providing guidance to all level analysts and making recommendations to organizational managers.
• Strong background in DevOps practices, including pipelines and YAML, alongside proficiency in scripting languages such as Python, PowerShell, and Bash, which you will utilize for automation and analysis.
• Understand key principles of software development, log analysis, and digital forensics and be adept at leading automation and orchestration requirements for the CSOC.
• Ideally, a solid grasp of regulatory compliance requirements and previous experience within the Financial Services sector, along with risk identification, solution design, and issue resolution.
• Effective communication skills, both written and verbal.
• A team player with a proven ability to collaborate effectively across multiple business functions and adapt to fast-paced situations.

Qualifications:

• Ideally a bachelor's degree in cyber security or an IT related field.
• Attained or are working towards any of the following: Microsoft Qualifications such as AZ-500, SC-200/300/400, Security qualifications such as CPIA, CASP+, CISSP, CEH, OSCP or similar.

About Us

People are at the heart of allpay and we reward our employees with a competitive benefits package which includes a defined contribution group pension scheme, income protection, life assurance, an array of health and wellbeing options including private healthcare cover and an onsite gym. This is coupled with our excellent Learning and Development offering.

We are a company committed to Equal Opportunities.

All roles at allpay Limited are subject to successful background checks including a DBS and Credit Check.