Job Details: xSecurity Operations Officer
Full details of the job.
Vacancy Name
Vacancy Name xSecurity Operations Officer
Vacancy No
Vacancy No VN594
Employment Type
Employment Type Full-Time
Location
Location Hybrid - Borehamwood
About Us
About Us Our Mission
Happy, healthy pets, make for happy, healthy people.
We aim to strengthen the unique bond between pets and their parents through our innovative products and services, enabled by brilliant colleagues who embody our values of performance, exploration, togetherness, and sustainability.
Our Journey
In 2016 we set out to focus entirely on pet insurance with pets and families at the centre of our business strategy and in 2017 launched a new brand, EveryPaw.
To offer our customers a choice of insurance options for their pets, we also focussed on finding the right partners to support our growth ambition and our first big partnerships with Sainsbury and Argos, went live in 2019.
Many talented colleagues have joined us, and we now partner with a number of fantastic brands across the retail, charity and financial services sectors. We’ve developed new capabilities, new platforms and new services specifically for our partners to achieve the best customer experience. Over the last 6 years, the number of pet parents we support has grown five-fold to over half a million in 2023. Together we’ve built the leading Pet Partnership business in the UK and are proud to support and engage pet parents every day to ensure happy and healthy pets.
Our ambition
We’re delivering long-term success and growth through empowerment and strong collaboration focusing on our two own brands; EveryPaw and Pet Protect and building great relationships with our partners to provide market leading products, innovative new services, simplicity and a great customer experience. Our goal is to support over 1 million pet parents by the end of 2026.
Pinnacle Pet UK provides great opportunities for those who love pets, want to learn, be challenged and develop. As a team, we are focused on performance and great customer outcomes. We support each other to achieve our individual and collective goals and have a culture where everyone can be authentic, diverse and innovative and truly be the best version of themselves supporting what we do best – pets.
The Security Operations Officer is primarily responsible for maintaining and enhancing the security posture of Pinnacle Pet UK's IT infrastructure through vigilant monitoring, management, and remediation of security threats and vulnerabilities.
Working independently but closely with the Global Security Officer / CISO, a managed Security Operations Centre (SOC), the wider IT team, and various business units, the Security Operations Officer will:
* Monitor IT estate security compliance
* Manage vulnerabilities
* Handle security incidents
* Define and maintain security procedures
* Respond to security-related queries and requests
* Manage security alerts
* Integrate cyber threat intelligence (CTI) feeds
* Produce regular security reporting
The position is a Hybrid Role and will require some office attendance.
Key Responsibilities
* Security Compliance Monitoring: Conduct monthly assessments and reporting on IT assets' compliance with security standards, including system patching, and antivirus measures using tools like Microsoft Defender and Intune. Produce reporting and Coordinate remediation strategies aligned with Service Level Agreements (SLAs) based on severity levels
* Vulnerability Management: Perform internal (Microsoft Defender for Vulnerability Management) and external (Qualys WAS/VM) vulnerability scans. Produce reporting and coordinate remediation strategies aligned with Service Level Agreements (SLAs) based on severity levels.
* Security Incident Management: Lead local response to security incidents and investigations, collaborating with the managed SOC service to ensure timely and effective mitigation of security breaches and threats.
* ServiceNow Security SME: Act as a security subject matter expert (SME) within ServiceNow, assisting the business with security-related incidents and requests, including social engineering reports, web-filtering, and firewall change requests.
* Policy and Procedure Maintenance: Maintain and update security policies and procedures to reflect current best practices and regulatory requirements.
* Security Assurance and Risk Management : Support internal and external security audits and assessments. Implement recommended actions to address identified risks.
* Azure Tooling Enhancement: Improve SecOps processes by adopting new tools within Pinnacle Pet UK's Azure environment. Oversee deployment, configuration, and optimization of security technologies.
* Cyber Threat Intelligence Integration: Enhance cybersecurity defences by integrating relevant CTI feeds and tools into existing operations.
* Security Awareness and Training: Develop and deliver security training and awareness programs to staff, addressing social engineering and other human-centric security risks
Successful Candidates Will Have
Required Skills and Work Experience;
Essential
* Strong IT skills, including knowledge of computer networks, operating systems, software, and cybersecurity principles.
* Hands-on experience with ServiceNow, Qualys WAS/VM, Zscaler, Microsoft Purview, Microsoft Defender Suite, Intune, and Azure Sentinel.
* Solid understanding of current information security vulnerabilities and countermeasures.
* Knowledge of cyber threat intelligence feeds and their integration with operational security.
* Practical understanding of incident handling, security investigation techniques, and maintaining security playbooks.
* Familiarity with OWASP Top 10, NCSC best practices, NVD (National Vulnerability Database), CVSS scoring, and CIS Controls (formerly CIS20).
* Excellent communication and documentation skills suitable for both technical and non-technical audiences.
Desirable
* Experience with attack detection, Intrusion Detection/Prevention Systems (IDS/IPS), SIEM, ATT&CK frameworks, firewalls, Identity and Access Management (IAM), anti-virus, patch management, CASB, particularly in an Azure cloud environment.
* Familiarity with cybersecurity frameworks such as NIST Cybersecurity Framework (CSF) and ISO 27001..
Required Qualifications;
Essential
* IT or security-related degree or industry-recognized certifications (e.g., CompTIA Security+).
Desirable
* Information Security qualifications such as CISSP, CISA, CISM, CIS20, or equivalent
* Microsoft Azure certifications: AZ-500, MS-500, SC-200, SC-100, or equivalent.
#J-18808-Ljbffr