Senior Security Operations Analyst | London, UK

Job Title
Senior Security Operations Analyst

Job Description

As one of Europe's leading investment platforms, security at IG is a top priority and our Security Operations team is looking for a Senior Security Operations Analyst to help further enhance our security framework.

Who are we:

Hello, we're IG Group. No, not Instagram - though we're a pretty big deal ourselves. We're a global, FTSE 250-listed company made up of a collection of progressive fintech brands in the world of online trading and investing. The best part? We've snapped up many awards for our top-class platforms, forward-thinking products, and incredible employee experiences.

We believe in financial freedom. And our purpose is to help ambitious people achieve it. Around 400,000 people use our groundbreaking technology and forward-thinking platforms to trade the financial products they know and love.

Your Position within the Team:

IG's Security Operations team (SOC) is responsible for managing security-related events within IG. The team's goals are to ensure that security incidents adversely affecting the business are quickly diagnosed, workarounds are determined, proper root cause analysis is performed, and actions are taken to prevent the issue from reoccurring.

What you'll do:

Security Monitoring

• Drive the creation and refinement of security monitoring rules, techniques and processes.
• Proactively hunt for evidence of threats or compromise using all available tools.

• Investigate and resolve escalated security incidents both independently and by leading a team of SOC colleagues.
• Ensure the defined playbooks are followed correctly, and accurate logs are made of all actions during incident response.
• Support and mentor colleagues with best-practice incident management techniques and behaviours.
• Perform root cause analysis, recommend process improvements, and write final post-incident reports.

• Vulnerability Management - maintain regular scans, interpret results, identify asset owners, track remediation activities and report on the agreed SLAs.
• Security Controls Administration - maintain availability and functionality of all security controls; implement new and advanced features where available; write technical documentation and manage changes.
• SIEM Maintenance & Content - maintain the availability of the underlying infrastructure, develop new alerts, field parsers, models and automated playbooks, and integrate new log sources where appropriate.
• Threat Intelligence & Threat Hunting - provide, develop and integrate external threat intelligence data into the team's detection capabilities; perform proactive threat hunts based on working hypotheses, and implement subsequent SIEM alerts where required.
• Purple Team & Scenario Exercises - regularly test the team's detection capabilities, develop scenario-based training, and organise purple team exercises, both in-house and with third-party providers.
• Insider Threat - maintain and develop the Data Loss Prevention policies in line with the company's data classification requirements, and implement exceptions for business-approved procedures where required. Improve the detection and response capabilities of the remaining security controls with a focus on insider threats.
• Escalation Analyst - support analysts during incident response and take the lead in more complex investigations; validate true positive security incidents, ensuring all playbook actions have been completed reliably with an incident timeline populated, and provide training sessions for other analysts.

• Assist with the preparation of regular reports and the collection of defined metrics.
• Take an active role in the creation and continual improvement of SOC process and procedures documentation, as well as the refinement of manual and automated workflows and playbooks.

• Lead the training and development of other SOC team members, sharing knowledge and demonstrating best practices by example.
• Lead internal projects to improve the effective operation of the SOC, such as contrasting competing tools or technologies, re-designing existing security controls and assessing the impact of changes to IG's IT environment.
• Take an active role in external projects as the security SME ensuring that operational security issues are considered and implemented appropriately.

• 4 - 10 years of experience within operational IT or security roles, with a minimum of 2 years SOC.
• Deep familiarity with one or more SIEM tools.
• A strong understanding of technical IT concepts is required, including:
• Windows and Linux operating systems and system administration
• Networking, including TCP/IP and other common protocols
• Microsoft Active Directory
• Command line interfaces and scripting
• Understand the role, benefits/downsides, and standard use cases of technical security products, such as firewalls, anti-virus, web proxies, SIEM, IDS/IPS, DLP, and EDR.
• Familiarity with vulnerability scanning and penetration testing tools and techniques.

• A university degree in one of the following fields is preferred (but not required):
• Cyber / Information Security, Digital Forensics, Ethical Hacking
• Computer Science, Software Development, Network Engineering
• Mathematics, Physics and other STEM subjects
• Other desirable certifications include: CISSP / CEH, CREST, OSCP / Security+, Network+, CySA+ / Vendor certifications for Microsoft, Linux, cloud, networking or security products.

• Competitive salary
• Flexible Benefits Package on top of your salary (12%)
• Private medical cover for you and your family
• Life insurance
• Contribution to gym memberships
• 25 Days holiday, with 1 additional day off to celebrate your Birthday & 2 additional days off a year for voluntary work (28 in total)
• The option to buy or sell holiday days.
• Unlimited access to the LinkedIn Learning Platform
• A comprehensive global and local onboarding process
• Employee-led LGBTQ+, Women's, Black and Parents & Carers networks with an annual budget for organising events & projects that foster an open, diverse and inclusive culture
• Option to participate and create ESG initiatives based on IG Brighter Future Fund
• Enhanced primary (maternity), secondary (paternity), and shared parental pay and leave, as well as a range of support and benefits for parents

We follow a hybrid working model; we reckon it's the best of both worlds. This model also feeds into our secret ingredients for innovation: diversity, flexibility, and close connection.

Plus, you'll be welcomed into a diverse and inclusive workforce with a lot of creative energy. Ask our employees what their favourite thing is about working at IG, and you'll hear an echo of 'our culture'! That's because you can come to work as your authentic self. The things that make you, you - like your ethnicity, sexual orientation, faith, age, gender identity/expression or physical capacity - can bring a fresh perspective or new skill to our business.

That's why we welcome people from various walks of life; and anyone who wants to help us realize our vision and strategy.

So, if you're keen to connect with our values, and lead the charge on innovation, you know what to do.

APPLY NOW!