Cyber Security Operations Analyst (L3)

Why we're hiring:

This is an excellent opportunity for an experienced Security Analyst to join our Growing Cyber Security team. The Security Operations Analyst will work within a multi-national team comprised of both internal and external analysts. You will play a key role in ensuring the effectiveness of WPPs cyber security detection, analysis, and response capabilities. You will work with multiple members including engineers and incident responders to ensure that security events are appropriately triaged and effectively resolved.

The role holder will help to ensure that the security operations function continually improves, remains tuned to specific organisational threats, and operates an effective security toolset. You will be help review, improve, maintain and operate a suite of security incident response procedures and playbooks and contribute to  management reporting artefacts.

What you'll be doing:

• Creating and implementing new threat detection content, rules and use cases to deploy in SIEM platform with different data sets like Proxy, VPN, Firewall, DLP, etc.
• help with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions.
• Developing custom content based on threat intelligence and threat hunting results.
• Identifying gaps in the existing security controls and develop/propose new security controls.
• SIEM Engineering and knowledge of integrating various log sources with any SIEM platform.
• experience with MITRE ATT&CK Framework
• Perform Advanced diligent Threat correlation between multiple security event sources such as firewall logs, threat intelligence feeds, AV, IDS, IPS, and MDR solutions
• Participate in on-call rotation for after-hours security incident escalations.
• Lead incident investigation and response activity
• Identify and leverages emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack
• Staying up-to-date with emerging security threats
• Design SIEM solutions to meet growth while maintaining the balance between performance, stability, and agility

What you'll need:

Qualification Requirements (Desirable)

• Computer Science Degree or equivalent
• Certifications such as CEH, GIAC and other SOC tools/platforms

Skills / Experience Requirements

• Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the ability to deliver high performance and high levels of customer satisfaction in a matrix managed environmentTasks include collecting, analysing, and reporting.
• Requires background in at least 3 of the following domains: ethical hacking, incident response, forensic analysis, security engineering, incident analysis and investigations.
• Good OS knowledge such as Windows and Linux
• Proven experience in incident analysis, detection and response

Who you are:

You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are accepting: of new ideas, new partnerships, new ways of working.

You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected.

You're extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day.

What we'll give you:

Passionate, inspired people – We promote a culture of people that do extraordinary work.

Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry.

Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?