Security Operations Analyst London, England
Job description
Egress Software Technologies are a leading Cyber Security company providing global solutions to protect against human activated risk. By aggregating data, deploying artificial intelligence and machine learning capabilities, Egress protects, prevents and defends against online attacks or potential breaches – before they happen.
Egress is proud to support thousands of Enterprise customers across a range of sectors including Financial Services, Legal, Healthcare, and Government organisations. By protecting millions of employees around the world from advanced threats, businesses can safely achieve their mission without unnecessary risk.
At the forefront of the Cyber Security industry, Egress can provide an unrivalled career path in Security Operations.
The Security Team
The three Egress security teams report to the Chief Information Security Officer (CISO), these are:
- Security Operations – the day-to-day management of operational processes and incidents
- Cyber Security – defining security best practice of technologies
- Compliance & Risk – managing accreditations, auditing and risk management
This role forms part of the SecOps team, which ensure that we operate our business in line with the defined policies and procedures and also manage all group security incidents. This role requires a technical background and experience of working with public cloud technologies.
Whilst there are process aspects to the role there are two main areas of focus for the team:
- Vulnerability management. The team manage issues identified through internal and external vulnerability testing. Internally we use tools like Snyk (one of several tools available) to find issues in the software development lifecycle. Externally, SecOps work with a penetration testing company to define the scope of pentests and manage the process with engineering. Once issues are identified SecOps work closely with operations and engineering teams to resolve them.
- Incident management. The team manage our security incident response activities, investigating alerts using tools such as Azure Sentinel. SecOps will coordinate the incident response with resolving teams and engage with key stakeholders for updates. As the team works office hours, engaging a managed SOC provider who cover 24X7 incident management.
SecOps engage with teams across the business and at all levels. In this role you will be a key contributor to maintaining a good security posture and building on our security culture.
Other duties include security awareness and training, security vetting and supplier onboarding.
The wider security team work closely together with opportunities for cross-training and career development. The management team actively support personal development, with access to training tools such as Skillsoft and O’Reilly. We are looking for a candidate who can demonstrate key competencies and a desire to learn and apply new skills. You will be supported with mentoring from across the team and have opportunities to learn in an environment that uses the latest technologies.
As a security company we also use our own products and services internally, and the SecOps team are encouraged to give feedback to the product management group to help further develop the capabilities of our products with real end-user feedback.
The security team are split between our London and Sheffield offices, but ensure we spend time in social activities and not just work. Whether it’s a breakfast catch-up, a visit to an expo or one of our regular social events after work – we recently completed the National Three Peaks Challenge together.
The Role
Reporting to the Security Operations Manager, your key tasks may involve:
- Managing vulnerability scanning tools - SAST, SCA, IaC, Containers & DAST for all Egress products
- Investigate SIEM alerts, working with the Engineering and Operations teams to resolve issues
- Managing vetting applications, supplier onboarding and security awareness programmes
- Plan and manage 3rd party penetration testing
- Support customer requests for information (RFI) on security related questions
- Identify and contribute to our continuous improvement plan
The Person
As a member of the Security Operations team, you will work in a hybrid environment both independently and as part of a team, typically in the office 2 days per week.
You should have good prioritisation and organisational skills whilst able to stay calm in the event of a high priority incident. You should have a technical background to be able to triage incidents, this requires an understanding of public cloud services.
You will need to be able to articulate your findings in a persuasive manner and apply good problem-solving skills.
The Company
We are proud of our uniquely agile, effervescent, and people-focused equal opportunity environment. Our core values of Own it, Be bold, Do the right thing and Be a bar-raiser foster a culture of continuous learning and growth, enabling staff to uphold the highest ethical standards possible.
We are a sociable company with a friendly and supportive atmosphere, constantly developing a desire to improve in everything we do! We are now back to running our monthly paid for social activities as our office continues to get busier. For those who are working remotely, we can’t promise the coffee you have in your kitchen will be as good as the free ones we have in the offices but the people you share it with will be just as warm and welcoming.
Diversity, Equity and Inclusion
Here at Egress, we are committed to diversity, equity and inclusion. Our workforce has consistently sat above the national average for both BAME and female representation, but we recognise that we can always do more. Every job description is subject to scrutiny through a gender bias decoder ensuring our roles are as inclusive and attractive as possible. Our culture is one that aims to nurture a welcoming and safe working environment for everyone with initiatives such as our Diversity & Belonging forum, dedicated mental health first aider network and regular awareness seminars. All of which contribute towards a great place to work whoever you are.
Privacy and Your Data
Please take the time to check and read our recruitment privacy policy. The information you provide to us when you apply will be held, stored and processed by Egress Software Technologies Limited in accordance with it.
Any job offer that we may make to you will be subject to you successfully passing background checks.
Benefits
Social
- Regular charity events and fundraisers
- Dedicated Culture Club responsible for arranging regular social events of all shapes and sizes
- Annual kickoff and summer parties
- Management / peer recognition programmes with rewards
- Regular employee personal development and training reviews
- Flexible dress code
- Social pool league
Physical
- Free eyecare vouchers
- Free breakfast, fruit and all the coffee you can drink
- Fully funded private medical
- Discounted gym membership
- Cycle to work scheme
Financial
- 25 days annual leave, increasing to 26 after your first year in the business
- Contributory pension scheme
- £2,000 employee referral scheme
- Eligibility to participate in Enterprise Management Investment (EMI) stock option scheme
- Egress perks portal and retail discount scheme
