Find More Than 10K+
United Kingdom Jobs

About The Role

As a valued member of the RAC Security Team, the purpose of the Information & Cyber Security Analyst is to carry out day-to-day cyber security threat monitoring, detection and response activity; Measure vulnerability and corrective action effectiveness and oversee access control reviews throughout the RAC technology ecosystem.

About You

The role holder will work both independently and as a key part of the Information Security team. They will be expected to make both proactive and reactive tactical and operational decisions in real-time to ensure RAC’s security posture is always maintained, and often work with autonomy. Where appropriate actions will be dictated by pre-defined processes and playbooks although this type of role will also require out-of-the-box thinking, with those decisions being made confidently based on prior experience and sound judgement.

Personal Attributes:

• Demonstrable comprehension of cyber security concerns including attacker tactics, techniques, and procedures; Ransomware; emerging threats; technology vulnerability.
• Demonstrable experience of security incident response leadership.
• Experience in utilizing MITRE ATT&CK framework in an operational Detect and Respond environment.
• Demonstrable experience of monitoring and analysing modern technology models such as Azure, cloud (SAAS) services, containers, Infrastructure-as-code and CI/CD Continuous software delivery pipelines.
• Experienced in determining SOC Toolset requirements and establishing SecOps processes.
• Experienced in SOC concepts including but not limited to: Cyber Incident Response Coordination, Malware and Ransomware control, Email security, CASB, Endpoint protection XDR, MDR & AV, Quarantine and Containment, Abuse Response, Forensics, MDM, SIEM, SOAR, Azure and Cloud Security controls, Vulnerability Management, data Loss Prevention.
• Good grasp of coding/scripts, with experience of writing queries in reporting tools
• Experience of DevSecOps methodologies and practices.
• Understanding of other information security domains such as Architecture, AppSec Business Continuity/DR and Risk Management.
• Knowledge of common information security management frameworks, such as NIST CSF, ISO/IEC 27001.
• Knowledge and understanding of relevant UK legal and regulatory cyber requirements and guidelines.
• Objective, analytical and decisive in nature.
• Poise and ability to act calmly and competently in high-pressure, high-stress situations.

Qualifications/FCA:

Possession of a professional security qualification in good standing (such as GCIA, GCIH, GCTI, GMON, CISSP).

About Us

The RAC is on a journey to revolutionise the way we provide our differentiated range of driving services to our 13m personal and business members, so we’re looking for problem-solvers and passionate engineers to build digital products with cutting-edge technology.
In partnership with our new shareholder Silver Lake, the global leader in tech investing which has unparalleled technology expertise, we’re executing an organisation-wide digital transformation focusing on adoption of modern tech and tools, customer-led product development and data-driven decision-making. This opportunity may involve working on an app with millions of users, an ecomm platform that processes tens of millions of revenue per year, or technology that supports our patrols to attend 2.3m call-outs each year.