A bit about the role
This role will be key to our approach to Cyber Defence at Allwyn, managing the toolsets, processes and capabilities required to effectively deliver a world-class Security Operations Centre. Responsibilities will include managing the security engineering toolset, developing and maintaining the technology and capabilities deployed, supporting and advancing the operational security capabilities of the Cyber Security Team, working on new security projects, and providing an advisory role to other parts of the business on best practice. The role will require establishing relationships with key stakeholders in Risk, Technology and Operations, and establishing yourself as an SME for cyber security within the organisation.
What you'll be doing
Advanced and Predictive Analytics
Run advanced and predictive analyses and perform assessments based on the MITRE ATT&CK framework. Validate, enhance and use predictive analytics software tools, correlate testing activities to ensure quality of use cases, and monitor using multiple SIEM technologies to keep the SOC threat-led. Gather forensic data and physical equipment for investigations when necessary, act as incident responder for identified incidents and lead the incident response when required.
Data and Analytics Strategy
Provide guidance and training on analysing data trends for security use cases, improve data and analytics systems, contribute to continuous refinement of the data and analytics security strategy, conduct regular security assessments, perform risk analysis, analyse breaches to find root causes, and generate reports for IT administrators, business managers and security leaders. Perform forensic analysis and gather evidence for correlation monitoring using multiple SIEM technologies.
Security Improvement through AI
Create artificial intelligence algorithms that identify patterns or indicators of compromise in security logs to defend the environment. Ensure proactive development of new machine-learning activities aligns with identified threats, leveraging extensive threat-landscape knowledge.
Cloud Security
Design, implement and maintain security controls for AWS and Azure, including Azure AIP, Defender, Azure AD, key vaults, log shipping, AWS GuardDuty, Security Hub, Trusted Advisor, Config, CloudTrail, CloudWatch, Inspector, etc. Serve as subject-matter expert on all Azure security tooling and implement required security measures such as firewalls or message encryption.
Planning and Organising
Work independently, providing guidance and training to others on planning, organising, prioritising and managing activities to efficiently meet business objectives. Lead updates to Protective Monitoring/SOC documentation, processes and procedures, ensuring consistency.
What experience we're looking for
Key Skills and Experience
* Ability to work under pressure
* 1-3 years' experience in a similar role
* In-depth understanding of the cyber threat landscape and advanced adversary tactics
* Expert knowledge of Linux, Windows, Azure, AWS, Sentinel, Palo Alto and CyberArk
* Threat Modelling and MITRE ATT&CK experience
* In-depth knowledge of a scripting language, preferably Python
Desirable Skills
* Previous experience in a similar role
* Relevant cloud experience
Benefits
* Company Bonus Scheme
* Matched pension contributions up to 8.5%
* 26 days annual leave + 2 Life Days (and bank holidays)
* Single Private Health Cover
* Complimentary Private Medical
* Income Protection
* Flexible Benefits – EV Scheme, Money Coach, Will Writing, Mortgage Advice, Dental and Eye Care Schemes
* Enhanced Family Leave (Maternity, Paternity, Adoption)
* Wellness Allowance £500
* Employee Assistance Programme
* Discounted Health Assessments
* Volunteering Days
* Matched Funding