Information Security Analyst

Information Security Analyst Bristol, England

RAC
Full Time Bristol, England 26057 - 31533 GBP ANNUAL Today
Job description

About The Role

As a valued member of the RAC Security Team, the purpose of the Information & Cyber Security Analyst is to carry out day-to-day cyber security threat monitoring, detection and response activity; Measure vulnerability and corrective action effectiveness and oversee access control reviews throughout the RAC technology ecosystem.


  • Lead security incident response activities, ensuring the IR policy, plan and playbooks are kept up to date, integrated with IT, IR Response Partners, Managed Service Providers, and the wider RAC business and regularly tested.
  • Develop and maintain a regular security testing regime to continually test and optimize security controls across the business.
  • Design and develop operational plans, playbooks and runbooks that streamline, enhance, and where practical, automate processes, ensuring they operate effectively reporting key SecOps metrics.
  • Establish and run proactive operating processes to identify and address security issues/weaknesses before they present a material risk to the business.
  • Prepare reports and management information regarding the state and effectiveness of those security controls and processes across the RAC group to inform senior management and facilitate effective decision-making.
  • Conduct regular threat assessments and threat modelling exercises and maintain an integrated threat and risk led approach to security monitoring.
  • Enhance and develop targeted threat hunting exercises, ensuring this feedback into the Security Operations action plan.
  • Work closely with key managed services partners to maintain, develop, and enhance red and purple team exercises, continually measuring and improving our controls.
  • Ensure good working practices are communicated across the team, and documentation is kept up to date.
  • Establish and run “Access Control” governance processes, maintain records of system account approval and carryout periodic reviews.
  • Follow up with suppliers on remediation actions.
  • Be a point of liaison on network & security matters with suppliers.

About You

The role holder will work both independently and as a key part of the Information Security team. They will be expected to make both proactive and reactive tactical and operational decisions in real-time to ensure RAC’s security posture is always maintained, and often work with autonomy. Where appropriate actions will be dictated by pre-defined processes and playbooks although this type of role will also require out-of-the-box thinking, with those decisions being made confidently based on prior experience and sound judgement.


Personal Attributes:

  • Demonstrable comprehension of cyber security concerns including attacker tactics, techniques, and procedures; Ransomware; emerging threats; technology vulnerability.
  • Demonstrable experience of security incident response leadership.
  • Experience in utilizing MITRE ATT&CK framework in an operational Detect and Respond environment.
  • Demonstrable experience of monitoring and analysing modern technology models such as Azure, cloud (SAAS) services, containers, Infrastructure-as-code and CI/CD Continuous software delivery pipelines.
  • Experienced in determining SOC Toolset requirements and establishing SecOps processes.
  • Experienced in SOC concepts including but not limited to: Cyber Incident Response Coordination, Malware and Ransomware control, Email security, CASB, Endpoint protection XDR, MDR & AV, Quarantine and Containment, Abuse Response, Forensics, MDM, SIEM, SOAR, Azure and Cloud Security controls, Vulnerability Management, data Loss Prevention.
  • Good grasp of coding/scripts, with experience of writing queries in reporting tools
  • Experience of DevSecOps methodologies and practices.
  • Understanding of other information security domains such as Architecture, AppSec Business Continuity/DR and Risk Management.
  • Knowledge of common information security management frameworks, such as NIST CSF, ISO/IEC 27001.
  • Knowledge and understanding of relevant UK legal and regulatory cyber requirements and guidelines.
  • Objective, analytical and decisive in nature.
  • Poise and ability to act calmly and competently in high-pressure, high-stress situations.

Qualifications/FCA:

Possession of a professional security qualification in good standing (such as GCIA, GCIH, GCTI, GMON, CISSP).

About Us

The RAC is on a journey to revolutionise the way we provide our differentiated range of driving services to our 13m personal and business members, so we’re looking for problem-solvers and passionate engineers to build digital products with cutting-edge technology.
In partnership with our new shareholder Silver Lake, the global leader in tech investing which has unparalleled technology expertise, we’re executing an organisation-wide digital transformation focusing on adoption of modern tech and tools, customer-led product development and data-driven decision-making. This opportunity may involve working on an app with millions of users, an ecomm platform that processes tens of millions of revenue per year, or technology that supports our patrols to attend 2.3m call-outs each year.

Information Security Analyst
RAC

rac.co.uk
Walsall, United Kingdom
Dave Hobday
$500 million to $1 billion (USD)
1001 to 5000 Employees
Company - Private
Membership Organisations
1897
Related Jobs

All Related Listed jobs

Personal Care Assistant
Penderels Trust Sunderland, North East England, England 11.3 GBP HOURLY Today

The individual keeps pets in the home,2 x cats. Support and/or prompt the individual to access sporting and leisure activities. Travelling on buses and metros.

Administrator
RSK Group Hemel Hempstead, England 21907 - 24287 GBP ANNUAL Today

Experience of answering phones and transferring calls. Receive internal and external enquiries (by telephone and email) and direct them to correct RSK

Shared Lives Carer
ategi Rhondda, Wales 8.75 - 16.25 GBP HOURLY Today

Shared Lives carers support adults who need a little extra support and would benefit from living in a home environment, its a bit like foster care but for

Project Manager
Carbon60 Global England 50 - 62.5 GBP HOURLY Today

Key project deliverable:- Creation of a Systemised resource process to align HR/Budget planning and Unit resource management (WS2/4) - Systemised data -

Game Marshal
Laser Adventures Ltd Huddersfield, England 7.49 - 10.42 GBP HOURLY Today

Dealing with children and ensuring their safety. Huddersfield is themed around a futuristic abandoned town, complete with a chemical plant, police station, auto