Operational Security Analyst

Social network you want to login/join with:

Are you passionate about cyber security and eager to work in a collaborative and inclusive environment, where every member’s contribution is valued? Do you enjoy working closely with diverse technical teams to protect and secure digital assets? Then working in the Operational Security team at Trayport is likely to be a great place for you!

If you’re interested in all-things cyber security and have a passion for technology, then we have a great opportunity to join a close-knit team, focused on defending the organisation from cyber-attacks, breaches and security incidents. You will work alongside an experienced team of security professionals and help secure and monitor an array of exciting technologies across the business (both on-prem and cloud), in a role which offers great opportunities for career development.

Your primary areas of operation will be:

• Event management
• Incident response and management
• Network security
• Vulnerability management

Responsibilities

As an Operational Security Analyst, you will:

• Monitor and investigate security events arising from our SIEM, security tooling and vendors/partners
• Actively contribute to improving the capabilities to detect, investigate and resolve anomalies and threats in our network, as well as developing and improving response plans and playbooks.
• Maintain and configure endpoint and network security tools, ensuring an appropriate balance of user experience and level of protection that aligns with the organisation’s risk appetite.
• Improve hardening of systems in line with current best practices. Work with key stakeholders to ensure recommendations are implemented in a timely fashion.
• Maintain awareness of emerging threats and vulnerabilities and make recommendations to mitigate the associated risks.
• Assess security vulnerabilities of Trayport's infrastructure and systems and ensure they are remediated.
• Be an initial point of contact for the OpSec team, discussing challenges with technical users and prioritising requests for the security team’s input or support.
• Form part of a larger Information Security team, contributing to other ongoing initiatives, such as risk management and compliance.
• Work with the broader security team, as well as stakeholders from around the business, to maintain and improve our security posture, in-line with our ISO27001 certified ISMS.

Skills and Experience

• Ability to understand key concepts and communicate with team members and other stakeholders.
• Passion for security and associated technology - keeps up to date with technical developments in the industry.
• Has an eye for detail, conscientious, diligent, reliable, self-motivated and a natural problem-solver
• Strong knowledge of the following technical skills and (at least) a general awareness of the rest:
• Windows Security
• Active Directory/LDAP
• Basic programming/scripting (e.g., PowerShell, Bash)
• Vulnerability management and associated tools (Rapid7)
• SIEM and associated tools (Splunk)
• Endpoint security controls (EDR/Anti-virus)
• General Networking (OSI model, TCP/IP, DNS, ICMP, routing)
• Network security controls (Firewalls, packet capture devices, TLS inspection, IDS/IPS)
• Cryptography/PKI
• MFA solutions (Okta, Vasco, etc.)
• One or more of the following:
• Prior experience working in an information security discipline or systems admin/engineering role
• Bachelor's degree in a related discipline (computer science/computer security)
• Knowledge of the ISO/IEC 27000 Information Security standards and previous experience working within a compliant ISMS.
• Knowledge of IT end-to-end problem management and root cause analysis.
• Hands-on experience with Systems Administration and Networking.

Trayport is committed to creating and sustaining a collegial work environment in which all individuals are treated with dignity and respect and one which reflects the diversity of the community in which we operate. We provide accommodations for applicants and employees who require it.