Principal Analyst - Cyber Security

VIRGIN ATLANTIC LIMITED

Crawley

Hybrid

GBP 45,000 - 85,000

Full time

12 days ago

Job summary

An established industry player is seeking a skilled professional to enhance their information security capabilities. This role focuses on identifying and managing security incidents while developing threat hunting strategies to protect against evolving cyber threats. The ideal candidate will have a strong background in incident response, knowledge of security frameworks, and experience with both Windows and Linux systems. Join a dynamic team that values innovation and diversity, and contribute to creating a secure environment for all. Your expertise will play a crucial role in safeguarding the organization and driving positive change in the industry.

Qualifications

  • Extensive experience in incident response and threat management.
  • Knowledge of information security frameworks like NIST and ISO 27000.

Responsibilities

  • Develop and improve threat hunting tools and processes.
  • Lead security incident response and ensure preparedness for threats.

Skills

Incident Response
Threat Hunting
Cyber Security Frameworks
Forensics
Windows and Linux OS
Networking
Security Solutions

Education

CISSP
OSCP
GIAC or CREST Certificates

Tools

Security Incident and Event Management (SIEM)

Job description

Job Details

Salary: Competitive per annum

Hours: 37.5 per week, Monday to Friday

Location: Flexible working with up to 3 days a week in our VHQ, Crawley

Contract: Permanent

Closing Date: 20th April 2025

At Virgin Atlantic Airways, we believe that everyone can take on the world, and it's our vision to become the most loved travel company. As we embark on this next exciting stage of our journey, we're harnessing our spirit of entrepreneurship and innovation to challenge the status quo.

Join our team of forward-thinkers who approach the world with a different lens. We value individuals who are vocal about driving positive change and are willing to dive into both big and small tasks. If you're ready to take your career to new heights, this opportunity is for you.

In a nutshell

The principal purpose of the role is to identify, contain, eradicate, and recover from information security incidents. The role also assists the Information and Cyber Security Management team in implementing improvement initiatives that increase our maturity across our Threat Management capabilities. It requires extensive Incident Response experience, including developing threat hunting capabilities, security use cases and playbooks.

Day to day

  • Development of the tools and processes to establish and improve the threat hunting program.
  • Keeping an up-to-date understanding of the cyber threat landscape through threat intelligence and industry research.
  • Define and design new security use cases and alerts to identify evolving attack scenarios.
  • Participate in industry-based Threat Intelligence sharing groups.
  • Produce reports based on threat activity, trends and reported industry incidents.
  • Leading security incident response processes with support from the principal analyst.
  • Integrating and analysing threat intelligence sources necessary to evolve our protective controls accordingly.
  • Ensure our Security Incident and Event Management (SIEM) and log management capabilities are comprehensive enough to provide actionable alerts, limiting noise and false positives.
  • Ensure preparedness for the most common threats and scenarios, supporting the development of playbooks.
  • Reduce the organisation's attack surface across all environments to minimise the risk of exposure.
  • Provide real-time visibility of security posture and compliance, providing insightful data to management.
  • Continually assure the effectiveness of security controls through regular testing.

About you

  • CISSP (accredited or associate), OSCP or certificates from GIAC, CREST or equivalent are desirable.
  • Forensics experience desirable but not essential.
  • Good knowledge of information security frameworks such as NIST, ISO 27000 series, PCI/DSS, GDPR and emerging cyber and aviation security standards.
  • Demonstrable experience in a similar senior security operations role.
  • Demonstrable experience of leading incident response activities through the entire lifecycle.
  • A deep understanding of Windows and Linux operating systems, networking, and authentication systems.
  • A deep understanding of the operations and expected outputs of security solutions from endpoint to gateway.
  • Knowledge and understanding of frameworks such as the Cyber Kill Chain or MITRE ATT&CK matrix.

Be yourself

Our customers come from all walks of life and so do our colleagues. That's why we're proud to be an equal opportunity employer and actively encourage applications from all backgrounds. At Virgin Atlantic, we believe everyone can take on the world - no matter your age, gender, gender identity, gender expression, ethnicity, sexual orientation, disabilities, religion, or beliefs. We celebrate difference and everything that makes our colleagues unique by upholding an inclusive environment in which we can all thrive. So that everyone at Virgin Atlantic can be themselves and know they belong.

To make your journey with us accessible and individual to you, we encourage you to let us know if you'd like a little extra help with your application, or if you have any individual requirements at any stage along your recruitment journey. We are here to support you, so please reach out to our team, ( [email protected] ) feeling confident that we've got your individual considerations covered.