Information Security Analyst

Information Security Analyst Bristol, England

RAC
Full Time Bristol, England 26057 - 31533 GBP ANNUAL Today
Job description

About The Role

As a valued member of the RAC Security Team, the purpose of the Information & Cyber Security Analyst is to carry out day-to-day cyber security threat monitoring, detection and response activity; Measure vulnerability and corrective action effectiveness and oversee access control reviews throughout the RAC technology ecosystem.


  • Lead security incident response activities, ensuring the IR policy, plan and playbooks are kept up to date, integrated with IT, IR Response Partners, Managed Service Providers, and the wider RAC business and regularly tested.
  • Develop and maintain a regular security testing regime to continually test and optimize security controls across the business.
  • Design and develop operational plans, playbooks and runbooks that streamline, enhance, and where practical, automate processes, ensuring they operate effectively reporting key SecOps metrics.
  • Establish and run proactive operating processes to identify and address security issues/weaknesses before they present a material risk to the business.
  • Prepare reports and management information regarding the state and effectiveness of those security controls and processes across the RAC group to inform senior management and facilitate effective decision-making.
  • Conduct regular threat assessments and threat modelling exercises and maintain an integrated threat and risk led approach to security monitoring.
  • Enhance and develop targeted threat hunting exercises, ensuring this feedback into the Security Operations action plan.
  • Work closely with key managed services partners to maintain, develop, and enhance red and purple team exercises, continually measuring and improving our controls.
  • Ensure good working practices are communicated across the team, and documentation is kept up to date.
  • Establish and run “Access Control” governance processes, maintain records of system account approval and carryout periodic reviews.
  • Follow up with suppliers on remediation actions.
  • Be a point of liaison on network & security matters with suppliers.

About You

The role holder will work both independently and as a key part of the Information Security team. They will be expected to make both proactive and reactive tactical and operational decisions in real-time to ensure RAC’s security posture is always maintained, and often work with autonomy. Where appropriate actions will be dictated by pre-defined processes and playbooks although this type of role will also require out-of-the-box thinking, with those decisions being made confidently based on prior experience and sound judgement.


Personal Attributes:

  • Demonstrable comprehension of cyber security concerns including attacker tactics, techniques, and procedures; Ransomware; emerging threats; technology vulnerability.
  • Demonstrable experience of security incident response leadership.
  • Experience in utilizing MITRE ATT&CK framework in an operational Detect and Respond environment.
  • Demonstrable experience of monitoring and analysing modern technology models such as Azure, cloud (SAAS) services, containers, Infrastructure-as-code and CI/CD Continuous software delivery pipelines.
  • Experienced in determining SOC Toolset requirements and establishing SecOps processes.
  • Experienced in SOC concepts including but not limited to: Cyber Incident Response Coordination, Malware and Ransomware control, Email security, CASB, Endpoint protection XDR, MDR & AV, Quarantine and Containment, Abuse Response, Forensics, MDM, SIEM, SOAR, Azure and Cloud Security controls, Vulnerability Management, data Loss Prevention.
  • Good grasp of coding/scripts, with experience of writing queries in reporting tools
  • Experience of DevSecOps methodologies and practices.
  • Understanding of other information security domains such as Architecture, AppSec Business Continuity/DR and Risk Management.
  • Knowledge of common information security management frameworks, such as NIST CSF, ISO/IEC 27001.
  • Knowledge and understanding of relevant UK legal and regulatory cyber requirements and guidelines.
  • Objective, analytical and decisive in nature.
  • Poise and ability to act calmly and competently in high-pressure, high-stress situations.

Qualifications/FCA:

Possession of a professional security qualification in good standing (such as GCIA, GCIH, GCTI, GMON, CISSP).

About Us

The RAC is on a journey to revolutionise the way we provide our differentiated range of driving services to our 13m personal and business members, so we’re looking for problem-solvers and passionate engineers to build digital products with cutting-edge technology.
In partnership with our new shareholder Silver Lake, the global leader in tech investing which has unparalleled technology expertise, we’re executing an organisation-wide digital transformation focusing on adoption of modern tech and tools, customer-led product development and data-driven decision-making. This opportunity may involve working on an app with millions of users, an ecomm platform that processes tens of millions of revenue per year, or technology that supports our patrols to attend 2.3m call-outs each year.

Information Security Analyst
RAC

rac.co.uk
Walsall, United Kingdom
Dave Hobday
$500 million to $1 billion (USD)
1001 to 5000 Employees
Company - Private
Membership Organisations
1897
Related Jobs

All Related Listed jobs

Director of Education
HyperionDev London, England 28647 - 55951 GBP ANNUAL Today

You will be responsible for serving thousands of students annually through strategic planning at a management level which will encompass new projects, courses,

Calling all experienced Telemarketers in Bournemouth!
Gungho Marketing Bournemouth, England 24000 - 35000 GBP ANNUAL Today

The job involves researching international financial companies and corporations, whilst making high numbers of outbound calls to targeted companies &

Communications Manager
Department for Environment, Food and Rural Affairs Newcastle upon Tyne, England 37295 - 44724 GBP ANNUAL Today

This will assess the success of Government environmental policies, and progress towards Government environment targets, whilst driving better evidence-based

Guest Service Assistant - Housekeeping
Hotel Indigo Edinburgh Edinburgh, Scotland 10.42 GBP HOURLY Today

Giving you access to counselling services, physical wellbeing & financial aid. To ensure all rooms are turned around in an efficient manner.

Cleaners
University of St Andrews United Kingdom 20547 GBP ANNUAL Today

(e.g. 0600 0900, 15 hours per week/0600 1000, 20 hours per week. 15 hours per week Mon Fri. A 25 & 20 hour post is available which is term time only (Sept