Overview
To make money work for everyone, we must protect our customers, our data, and our systems. You will join our Security Operations Squad to detect threats, respond to incidents, and improve our defences without disrupting the people who use our bank. The role focuses on Incident Response and requires working alongside senior team members to investigate security events from the initial alert through to recovery. As you build your skills and confidence, you will receive support to lead these responses.
Responsibilities
* Investigating security events: Work across our network, endpoints, and cloud systems, playing an active role from the initial alert through to recovery and eventually leading the response.
* Proactively hunting for threats: Test theories about attacker tactics and search for hidden threats before they trigger alerts.
* Spotting real threats: Fine‑tune alerts so only genuine risks are pursued, focusing on stopping attackers.
* Automating repetitive work: Build automations that handle routine tasks, giving the squad time to focus on complex, analytical challenges.
* Learning from past incidents: Run blameless reviews after incidents to find root causes and improve security controls.
* Tracking threat intelligence: Research attackers that pose a risk and translate that knowledge into active, automated defences.
Qualifications
* Incident response experience: Hands‑on experience in a Security Operations Centre and comfort investigating security events during complex incidents.
* Deep understanding of systems and networks: Knowledge of operating systems (macOS, Windows, Linux) and network fundamentals, along with modern attack methods.
* Automation skills: Experience using scripting languages (e.g., Python or Go) to build tools and interact with APIs.
* Independent problem solving: Ability to navigate tricky investigations and determine the right path without a step‑by‑step guide.
* Clear communication: Ability to explain highly technical findings in everyday language to non‑security colleagues.
* Bonus – cloud or detection engineering: Experience with cloud platforms (AWS, Azure), writing detection rules as code, or holding practical security certifications.
Benefits
* £40,000 – £55,000 plus incentive awards tied to performance.
* Role may be based at our London office or remote within the UK, with occasional meetings in London.
* Flexible working hours and trust to work enough hours to get the job done.
* £1,000 learning budget each year for books, courses, and conferences.
* Setup for remote work, including a MacBook for all employees and additional support for fully remote workers.
Equal Opportunity Statement
We’re an equal opportunity employer. All applicants will be considered for employment without attention to age, ethnicity, religion, sex, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or disability status.
We actively foster an inclusive environment for all people to do the best work of their lives. For more information on our diversity and inclusion initiatives, see our 2024 Diversity and Inclusion Report and 2024 Gender Pay Gap Report.