Security Operations Analyst - R3 London

Listing Description

R3 is an enterprise software company that is pioneering industry transformation.  We deliver purpose-built distributed ledger technology for all types of businesses in all sectors.  Our enterprise blockchain ecosystem is the largest in the world with over 350 institutions deploying and building upon Corda Enterprise and Corda.
R3 has employees based in upward of 11 countries (and still counting) across the globe, with our headquarters in London, alongside office locations in New York City and Singapore. Our vibrant and centrally located offices are filled with collaborative spaces, healthy (some not so healthy) snacks and state-of-the-art workspaces.
The Security Analyst is instrumental in the implementation and day-to-day operation of R3’s Security Operations Centre (SOC) capability. As part of a small team of information security specialists, you will ensure that the SOC supporting R3's twin missions of enterprise software vendor and managed services provider is appropriately designed, built, and operated to address the information risks faced by R3 as a cloud-native company. This is an exciting role, and not for the faint-hearted. You will help to shape R3's SOC capability and enhance it. You will be a core member in developing threat hunting and automated detection procedures and responding to threats.
You'll have a strong technical security background in financial services, telecoms or critical infrastructure, or maybe an enterprise-scale end-user security department. You’ll have experience of threat hunting and incident response likely from working in a SOC. You'll be used to working in comprehensive security control environments, but have the insight to bring a risk-based approach to a fast-moving company with a start-up culture. This is an opportunity to help "write the book" on building the technical security controls to support enterprise distributed ledger technology and services.

Responsibilities
  • Monitor alerts and investigate security events via a SIEM solution to triage suspicious activities, helping with containment and prevention, as well as supporting recovery.
  • Be involved in the execution of procedures for threat hunting and investigation, security response and security incident response.
  • Be responsible for the design and implementation of standardised preventative and detective technical security controls for R3's cloud and on premises infrastructure, including driving conformance to operating system and cloud environment benchmarks, network security controls, and consistent logging and alerting. These controls will be integrated into the wider R3 security control environment as the foundation for R3's security operating capability.
  • Work with the wider security team to prepare for, and undergo, external service auditor assessments of the security control environments which you help to develop.

Qualifications (Must have)
  • First and foremost we want you to love what you do. You'll need to be a security evangelist within R3 and the community of Corda Network and Corda Managed Service participants, both current and future.
  • We'd love to see evidence of other experience too: you might have been a developer, network operations person, penetration tester or researcher in a previous life.
  • We believe that we work better as a team. You'll be working with a diverse team of people with a variety of skills and backgrounds and a high level of emotional intelligence will be assumed. People skills are essential.
  • You'll need excellent communication skills, both verbal and written. You'll be happy explaining the control environment that you have helped develop to R3's clients or service auditors.
  • You’ll need strong hands-on experience of maintaining SIEM solutions. You will be practiced in using a SIEM for threat hunting, and subsequent security incident response.
  • You will have relevant experience of implementing technical security controls in mission critical service delivery environments. Financial services experience would be ideal, but experience in other areas such as telecoms or other critical infrastructure may also be a good fit.
  • You'll need to have experience with multiple operating systems and be fluent in Linux internals.
  • Hands-on experience with vulnerability assessment tools such as Tenable, Qualys or OpenVAS.
  • You'll need to be able to automate things. Working knowledge of at least one contemporary scripting language is essential. We won’t expect you to write in all languages, but you should be confident in reading at least Python, and either Shell script or PowerShell.
  • Working knowledge of at least one modern query language (KQL, SPL for example) is essential.

Qualifications (Nice to have)
  • Exposure to Azure Sentinel, Microsoft 365 Defender or Defender for Endpoint would be particularly useful, but not essential.
  • Relevant professional qualifications would be great. SANS GIAC certifications are also good but not essential. You'll need to demonstrate that any certifications you claim are valid and current (we will check).
  • It would be great if you have worked in an organisation that is certified ISO 27001, assessed against SOC 2 common criteria or PCI compliant.
  • An engineering or science degree would be great, but appropriate career experience is just as important. Be prepared to tell us all about that experience.
  • If you have any personal projects, talks or anything else you think represents your passion for security, please tell us, but be prepared to talk about them.

Listing Details
  • Citizenship: Not Provided
  • Incentives: Not Provided
  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided