The Security Operations Analyst is a member of the Security Operations team, reporting to the Security Operations Lead. The purpose of this role is to maintain strong oversight of the 24x7 Security Operations Centre, manage a number of operational security services related to this, review the security impact of infrastructure changes within the environment, monitor & manage associated toolsets.
Key Accountabilities & Responsibilities
* Responsible for overseeing the day-to-day operational delivery of services provided to DLG by its third party 24x7 Security Operations Centre. These services include Denial Of Service Protection (DDoS), Web Application Firewall, Intrusion Prevention & Detection, File Integrity Monitoring, Vulnerability Scanning, Privileged Access Management, SIEM.
* Responsible for operating and maintaining data leakage prevention toolsets, responding to alerts for data loss events including investigation and management of any data loss incidents that breach corporate data handling requirements and/or industry standards (such as PCI DSS).
* Participate in the rotational 24/7 security incident response capability. Must be capable of acting as the single point of contact for all security related response actions and decisions. This includes management of each incident from a security perspective, interaction with IM/MIM teams (where required) and recording of all key security decisions.
* Responsible for maintaining security oversight of the technical infrastructure delivered by third party suppliers and raising concerns/issues that pose a security risk to the organisation accordingly. Must also manage any operational risk remediation to conclusion.
* Responsible for operational support of the security certificate provisioning platform, including all operational functions. This includes alerting key stakeholders, scheduled and ad-hoc reporting, renewal and revocation of certificates and updates to procedural documentation.
* Responsible for managing the governance of the firewall rule bases and associated change management process.
* Responsible for providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management.
* Responsible for overseeing the management of web proxy policy configuration provided by third party providers.
* Responsible for monitoring the operational security communication channels responding appropriately to queries/requests from the business.
* Responsible for monitoring and responding to emerging threat patterns, vulnerabilities and anomalies and provides escalations of any unknown threats to relevant areas within the company.
* Responsible for reporting metrics on the status of technical information security controls across the DLG estate, highlighting risk areas and working to develop and manage remediation plans as required.
* Responsible for collaborating with all CISO teams to report appropriate operational issues that may be resolved at an architecture level.
Stakeholder Management
* Responsible for developing and maintaining relationships with various internal & external stakeholders, including Technology Services and IT Risk.
Microsoft security suites (Defender, Azure & Defender for Cloud)
Qualifications
* Experience of working in high performing teams and understanding the dynamics of teamwork in an operational security environment.
* Knowledge and operational experience in firewalls, intrusion detection and prevention systems, anti‑virus and content filtering, URL filtering, authentication solutions, Network and Cloud Architecture, Voice over IP (VoIP), firewall zoning and PKI infrastructure.
* Ability to read and understand system data including security event logs, system logs, application logs, and device logs, etc.
* Knowledge and experience of enterprise grade technologies including operating systems, databases and web applications.
* Knowledge and experience of performing network traffic analysis for identifying any developing patterns.
* Ability to work both independently and as part of a team.
* Strong analytical skills to monitor information and perform detailed data analysis to identify any vulnerabilities.
* Ability to identify and understand key issues and areas for improvement in the Information Security realm.
* Motivated to delivering quality and striving for continual improvement.
* Logical thinking and analytical ability.
* Aptitude in solving problems independently.
* Communicate and present concisely and effectively based on appropriate level of management interaction.
Desirable Skills & Competencies
* Experience with any of the following technologies: Data Loss Prevention, Intrusion Prevention/Detection Systems, Firewalls, SIEM.
* Knowledge of reporting suites such as Power BI.
* Good understanding of Microsoft security suites and associated qualifications.
* Threat identification.
* Fundamental Cloud Concepts for AWS.
* OWASP Top 10: API Security Playbook.
* Security Analysis for CompTIA CySA+ or similar level of certification.
* Security certifications such as CISM, CISSP, M.Inst.ISP, CISA by a recognised professional body.
* Technical certifications by a recognised professional body in network or systems engineering, Mandatory Skills: Forcepoint DLP.
Wipro is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, caste, creed, religion, gender, marital status, age, ethnic and national origin, gender identity, gender expression, sexual orientation, political orientation, disability status, protected veteran status, or any other characteristic protected by law. Wipro is committed to creating an accessible, supportive, and inclusive workplace. Reasonable accommodation will be provided to all applicants including persons with disabilities, throughout the recruitment and selection process. Accommodations must be communicated in advance of the application, where possible, and will be reviewed on an individual basis. Wipro provides equal opportunities to all and values diversity.
#J-18808-Ljbffr