Information Security Analyst - SOC

INTERNAL ONLY VACANCY - THIS VACANCY IS ONLY AVAILABLE TO EMPLOYEES OF THE L&Q GROUP AND ITS SUBSIDIARIES. ANY APPLICATIONS RECEIVED FROM EXTERNAL CANDIDATES WILL NOT BE PROGRESSED.

Job title: Information Security Analyst - SOC
Contract: Fixed-Term Contract until October 2025, Full Time (Maternity Cover)
Location: Reporting office Stratford, London, E15 or Sale Point, Manchester *The Sale Point office will be relocating to Old Trafford in Spring 2025

Persona: Agile, Office based 20-40% dependant on business needs
Salary: London Weighted: starting from £53,660 pa depending on experience and location
Regional - Outside London: starting from £46,524 pa depending on experience and location
Closing date for all applications: 11th September 2024

Early applications are encouraged as we reserve the right to close the advertisement and interview earlier than stated.

Information Security Analyst SOC role profile.docx

A great opportunity has arisen for an experienced Information Security Analyst - SOC to join L&Q at a very exciting time, where we will invest, grow and transform our business to provide a better service to customers old and new. There is huge investment in Technology, Modern Workplace and move to full Microsoft Azure and Azure Stack and a great place to get involved in all parts of the transformation.

We are looking for an adaptable and forward-thinking Information Security Analyst, able to help shape the future Technology Landscape of L&Q. They will assist in the development and implementation of roadmaps, data mapping and engagement that ensure the security and risk strategy meet regulatory requirements within the broad area of Technology. Attention to detail and a high level of accuracy are key.

The InfoSec SOC Analyst will:

1. Assist the Information Security SOC team within the broad area of Technology - identifying and recommending new technologies, tools and techniques.
2. Assist in pilot schemes / proofs of concept solutions to create patterns that lead the way for L&Q's future Technology systems and processes.
3. Assist in the review, development and delivery of the vision for the future-state security goals to enable the business process and Technology portfolio to closely align to the business goals.
4. Work with team on Technology Risks Assessment and Compliance.
5. Provide information security assurance across business projects and solutions.

Skills and Experience:

1. Practical experience of implementing and maintaining Technology Security practice.
2. Using Jira, TFS (MS Azure DevOps) or similar ITSM/Ticketing tools.
3. Relevant information security qualifications.
4. Working knowledge of SIEM, SOAR and/or UEBA tools.
5. Ability to understand the long-term and short-term perspectives of Technology Security products and solutions including but not limited to IoT, cloud and the latest monitoring tools.
6. Experience working in a medium to large Technology organisation with Agile methodology.
7. Experience in gaining business and Technology requirements from a high volume of stakeholders.
8. Ability to liaise with all areas of the business in a consultative manner, including becoming a "trusted advisor".
9. Experience working in a cross-functional team aligned business and third-party vendors.
10. Knowledge of security frameworks in particular Cyber Security Essentials and ISO 27001.

Responsibilities:

1. Proactive monitoring via situational awareness on infrastructure, network, critical applications and endpoints.
2. Bring in new ways of making security 'invisible'.
3. Incident response lead for all security incidents via playbooks.
4. Forensic 'Deep Dive' analysis working with teams and provide value dashboards and report.
5. Provide analysis and trending of security log data from security devices - drive and own Single source dashboard and SIEM.
6. Provide Incident Response (IR) support when analysis confirms actionable incident.
7. Provide threat and vulnerability analysis as well as security advisory services.
8. Analyse and respond to previously undisclosed software and hardware vulnerabilities.
9. Investigate, document, and report on information security issues and emerging trends.
10. Other tasks and responsibilities as assigned.

*We are a multi-site organisation, so some roles may require occasional travel between offices, but expenses will be covered.

Our commitments:
At L&Q, people are at the heart of our business and our success depends on employing the best people and getting the best from them. This is why we are committed to developing our people. It's only by investing in a well-trained and motivated workforce that we can continue to prosper and sustain business success.

In addition to our support and training, the successful candidate will have access to our full suite of benefits including 28 days holiday rising to 31 days with length of service, Westfield health cash plan, annual bonus subject to group performance, excellent Pension scheme, an employee assistance programme and non-contributory life assurance.

We are committed to supporting your work-life balance and recognise the changing demands and circumstances in life. Please let us know during the recruitment process if you're interested in part time working or job sharing. In addition, should your circumstances change once you have joined L&Q, you can also request flexible working arrangements, e.g. a change to working hours - if it's feasible then we'll make it happen.

We expect all of our employees to support our environmental policy and social responsibility work. We are an employer committed to environmental and social responsibility.

L&Q is a regulated charitable housing association and one of the UK's most successful independent social businesses. The L&Q Group houses around 250,000 people in more than 97,000 homes, primarily across London and the South East.

Our vision is that everyone has a quality home they can afford, and we combine our social purpose with commercial drive to create homes and neighbourhoods everyone can be proud of.