We will consider flexible working arrangements for any of our roles and also offer workplace accommodations to ensure you have what you need to effectively deliver in your role.
The Cyber Threat Analyst role is positioned within the M&G Security Operations team, which consists of the following functions:
* Security Operations Centre (Monitoring)
* Threat Intelligence and Vulnerability Management
* Security Operations Engineering (Tooling Support)
* Cyber Response (Security Incident Management and Cyber Resilience)
The role reports directly to the SOC Manager, and the successful applicant will work alongside an internal team as well as a Managed Security Service comprising 24/7 L1 and L2 SOC analysts.
Key Responsibilities:
* Contribute to and review use-cases to ensure analytical rules are fit for purpose and reflect real-world attack scenarios, including assisting the MSSP in driving team automation.
* Respond to incidents by blocking IOCs, alerting stakeholders, and participating in coordinated team activities.
* Collaborate with internal teams within Security Operations and the wider M&G organization to ensure effective service delivery.
* Coordinate with external teams, such as the managed service provider, to investigate cybersecurity alerts and incidents.
* Act as a business escalation point for MSSP L1 and L2 analysts when further assistance is needed from the 24/7 monitoring team.
* Proactively suggest service improvements to enhance the organization’s security posture.
* Articulate complex problems, risks, and solutions effectively to internal and external stakeholders.
* Adhere to existing processes and procedures, and assist in developing new processes as required.
* Support key internal and external audit activities by tracking SOC activities, ensuring procedural adherence, and participating in technical sessions as needed.
Target Skills, Experience, and Technologies:
* Previous experience in a Security Operations environment.
* Exposure to Cyber Incident Response.
* Experience with Endpoint Detection and Response tools (preferably Defender for Endpoint and/or Palo Alto Cortex XDR).
* Experience with Microsoft Sentinel, including querying logs and creating analytical rules.
* Experience with IDPS systems (e.g., NGFW, Firepower/Sourcefire).
* Familiarity with Microsoft Azure services such as Azure Active Directory, Identity Protection, and Defender for Cloud.
* Experience in use-case management, including fine-tuning false positives.
* Experience working in highly regulated sectors like financial services is preferred.
Desirable Certifications:
Certifications that are desirable for this role include:
* Non-vendor-specific certifications such as CompTIA Security+, CySA+, ISC2 SSCP, Security Essentials.
* Vendor-specific certifications such as SC-200 and AZ-500.
We value diversity and foster an inclusive culture at M&G plc, supported by policies and employee-led networks that provide opportunities, advice, and support for our diverse workforce. We welcome applicants regardless of gender, ethnicity, age, sexual orientation, nationality, disability, military service, or those returning from career breaks.