Senior Cyber Security Operations Analyst - SIEM Specialist

Pearson ,
London, Greater London
Job Type: Full-time

Overview

Description

At Pearson, we're committed to a world that's always learning and to our talented team who makes it all possible. From bringing lectures vividly to life to turning textbooks into laptop lessons, we are always reexamining the way people learn best, whether it's one child in our own backyard or an education community across the globe. We are bold thinkers and standout innovators who motivate each other to explore new frontiers in an environment that supports and inspires us to always be better. By pushing the boundaries of technology, and each other to surpass those boundaries, we create seeds of learning that become the catalyst for the world's innovations, personal and global, large and small.

Role purpose

The Security Operations SIEM Specialist is responsible for designing, testing, implementing, monitoring and supporting security measures for our SIEM estate. You will be a SIEM expert solving the organisation's most challenging cybersecurity problems, including the ones it didn't know existed. You are self-motivated, with an insatiable thirst to learn new technologies, and you thrive in a fast-paced environment. You will feel comfortable mastering new technologies and may come from any of a variety of business, analytic and technology backgrounds. You will be a security tools and systems expert who understands defensive security techniques (with the ability to think like an offensive cyber adversary), strategy and technologies, and who is sufficiently agile to cope with a constantly changing digital threat landscape.

Responsibilities

Main duties consist of:
- Administer and enhance our SIEM environment across the whole estate, on-premise and cloud.
- Plan, deploy and document architecture components, monitoring and alerting setup, and troubleshooting guides.
- Onboard new data and new customers, working with them to ensure they get the most out of the data and helping design new applications for their specific use.
- Test new versions and components in the QA environment for promotion into Production.
- Mentor other engineers within the organisation on SIEM capabilities and technical knowledge.
- Develop new applications, views, file and database lookups, dashboards, reports, alerts, data collection, and scheduling of alerts and reports.
- Create, configure and manage summary-based reporting and data model acceleration, and oversee strategies for improved performance.
- Build a strong enterprise-level model for data onboarding and application development standards.
- Work with the 24/7 SOC response team to establish priorities and use cases.
- Be familiar with the integration of machine learning and the use of anomaly detection algorithms within the SIEM.
- Identify opportunities to enhance and optimise the SIEM architecture and alerting through machine learning and anomaly detection.
- Collaborate with architects, designers, requirements analysts, database and system administrators, and developers on system and application design.
- Promote changes and releases through the test, quality assurance and production systems.
- Assist in troubleshooting and resolving technical issues that make systems or applications unavailable to users.
- Assist in disaster recovery planning, documentation and implementation.
- Lead and deliver activities within the continuous programme of cyber security improvement relating to security monitoring and incident response for systems and infrastructure.
- Assess and understand Pearson's current security posture and future architecture, providing recommendations for cyber security improvement and risk reduction.
- Make recommendations to improve operational effectiveness.
- Identify abnormalities and report violations.
- Research and recommend security upgrades.

Skills and Experience

- Ability to work well in a team
- Methodical and disciplined work approach
- Good analytical skills
- Good interpersonal skills
- Strong knowledge and demonstrable experience of information security technologies and methods
- Security event log collection and analysis
- Experience in systems (Linux/Unix) and networking
- Experience of vulnerability and threat assessment
- Experience of web-based application security
- Ability to develop custom code (Perl, shell scripting, etc.)
- Experience of cloud systems and their architecture (AWS, Azure, Google)
- Experience of working in a 24/7 Security Operations Centre environment or similar
- Experience of incident handling processes and procedures

Pearson is an equal opportunities employer. We do not discriminate against employees or job applicants and select the best person for each job based on relevant skills and experience. We are also committed to building an accurate picture of the make-up of the workforce and encouraging equality and diversity. The information you provide will stay confidential and be stored securely. It will not be seen by those involved in making decisions as part of the recruitment process.

Qualifications

- Certified to one or more of the following or equivalent: GCIA, GCIH, GCFA, CISSP, CEH, GERM, GREM, GCFE, OSCP or SSCP
- Splunk Certified Architect/Consultant/ES

Primary Location: GB-GB-London
Work Locations: GB-London-80 Strand, 80 Strand, London WC2R 0RL
Job: Technology
Organization: Technology & Operations
Employee Status: Regular Employee
Job Type: Standard
Shift: Day Job
Job Posting: Mar 5, 2020
Job Unposting: Ongoing
Schedule: Full-time Regular
Req ID: 2000944

Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.