Cyber Security Operations Analyst

Job Description

At Aberdeen, our ambition is to be the UK's leading Wealth & Investments group.

Strengthening talent and culture is one of our strategic priorities. We strive to make Aberdeen a great place to work so that we can attract and retain the industry's best talent.

Our people put our stakeholders at the heart of everything they do by helping us to make a positive difference to the lives of our clients, customers, colleagues, shareholders and society.

We are focused on growing our direct and advised wealth platforms and repositioning our specialist asset management business to meet client demand. We are committed to providing excellent client service, supported by leading technology and talent.

Aberdeen comprises three businesses, interactive investor (ii), Investments and Adviser, each of which focuses on meeting and adapting to our clients' evolving needs:

• interactive investor, the UK's second largest direct-to-consumer investment platform, enables individuals in the UK to plan, save and invest in the way that works for them.
• Our Adviser business provides financial planning solutions and technology for UK financial advisers, enabling them to create value for their customers.
• Our Investments business is a specialist asset manager that focuses on areas where we have both strength and scale to capitalise on the key themes shaping the market, through either public markets or alternative asset classes.

About the role:

Within our Security, Resilience & Protection department, an exciting and challenging opportunity has arisen for a Cyber Security Operations Analyst aligned to Cyber Defence.

Cyber Security Operations Analyst - Cyber Defence

Objective:

The Cyber Security Operations Analyst is an exciting and integral part of the Cyber Security Operations team with the objective supporting the wider Cyber Security Operations team in delivering improvements to the organisations security posture and keeping our business safe from cyber-attacks.

This role is technical and will help to deliver continuous operational security improvements across the Cyber Defence function including; Cyber Security Compliance, Penetration Testing , External Attack Surface Management , Vulnerability Management and Cloud and Network security

The role reports directly to the Cyber Defence Lead and is based in Edinburgh. The role holder will work closely with our Cyber Security Operation Centre and with other security functions as well as specialist 3rd party security suppliers and the global IT and business teams.

Key Responsibilities:

As a part of the Cyber Security Operations team, this role will support:

• Server, Endpoint and Cloud Security Compliance, Managing Policy Compliance scanning and reporting and Azure Policy compliance
• Ticket triage & response, managing the Information Security Queue in relation to Cyber Defence tickets
• External Attack Surface Management, Using our various toolsets to assess and understand our external attack surface and raise actions for technical teams to remediate or mitigate risks..
• Vulnerability Management, including deploying scans, prioritising based on context, and operating remediation workflows
• Penetration testing governance, including the scoping and scheduling of external penetration testing suppliers, the coordination of remediation actions and hands-on internal application and system testing

About the candidate

• IT Security/Information Security knowledge, to identify and respond to cyber security incident.
• Experience with security tools, such as IDS/IPS, vulnerability scanners, AV, web and email filtering, webapp firewalls and DDoS protections, host-based protections and malware analysis engines, Pen testing and offensive security tooling.
• Familiarity with common enterprise technologies e.g. Microsoft, Linux, VMWare, Citrix
• Solid understanding of computer networking concepts and standards, including Network device & Firewall Hardening
• Passion for security and self-development to keep up to date with the evolving threat and vulnerability landscape, new technologies and service improvements
• Good understanding of Cyber Defence Conceptsincluding vulnerability risk scoring, remediation and mitigation methods. Configuration compliance methodologies

We're committed to providing an inclusive workplace where all forms of difference are valued and which is free from any form of unfair or unlawful treatment. We define diversity in its broadest sense - this includes but is not limited to our diversity of educational and professional backgrounds, experience, cognitive and neurodiversity, age, gender, gender identity, sexual orientation, disability, religion or belief and ethnicity and geographical provenance. We support a culture that values meritocracy, fairness and transparency and welcomes enquiries from everyone.

If you need assistance or an adjustment due to a disability please let us know as part of your application and we will assist.