Security Operations Specialist

Job DescriptionSecurity Operations AnalystEgress Software Technologies, a leading Cyber Security company, is dedicated to your wellbeing and career development. We offer unparalleled work-life balance and transparent career paths, celebrating your unique contributions. Passionate about Cyber Security? Join us to work in a stable yet exciting industry. Egress protects thousands of enterprises, including Financial Services, Legal, Healthcare, and Government sectors, from advanced threats, ensuring they can achieve their missions safely.At the forefront of the IT Cyber Security industry, Egress can provide an unrivalled career path in Security Operations.The TeamThe three Egress security teams report to the Chief Information Security Officer (CISO), these are:Security Operations – the day-to-day management of operational processes and incidentsCyber Security – defining security best practice of technologies and internal pentestingCompliance & Risk – managing accreditations, auditing, and risk managementThis role forms part of the Security Operations (SecOps) team, which ensure that we operate our business in line with the defined policies & procedures and manage all group security incidents. Whilst there are process aspects to the role there are two main areas of focus for the team:Vulnerability management. The team manage issues identified through internal and external vulnerability testing. Internally we use tools like Snyk (one of several tools available) to find issues in the software development lifecycle. Externally, SecOps work with a penetration testing company to define the scope of pentests and manage the process with engineering. Once issues are identified SecOps work closely with operations and engineering teams to resolve them.Incident management. The team manage our security incident response activities, investigating alerts using tools such as Azure Sentinel. SecOps will coordinate the incident response with resolving teams and engage with key stakeholders for updates. As the team works office hours, engaging a managed SOC provider who cover 24/7 incident management.Beyond close daily collaboration with other security teams, SecOps engages with all teams across the business at every level. In this role you will be a key contributor to maintaining a good security posture and building on our security culture.Other duties include running the Security Awareness and Training (SAT), UK security vetting, Business Continuity Planning (BCP) and supplier onboarding.The wider security team work closely together with opportunities for cross-training and career development. The management team actively support personal development, with access to training tools such as Percipio, O’Reilly and Microsoft’s ESI. We are looking for a candidate who can demonstrate key competencies, a desire to learn and apply new skills. You will be supported with mentoring from across the team and have opportunities to learn in an environment that uses the latest technologies.As a security company we also use our own products and services internally, and the SecOps team are encouraged to give feedback to the product management group to help further develop the capabilities of our products with real end-user feedback.The security team are split between our London and Sheffield offices, but ensure we spend time in social activities and not just work. Whether it’s a breakfast catch-up, a visit to an expo or one of our regular social events after work.The RoleReporting to the Security Operations Manager, your key tasks may involve:Managing vulnerability scanning tools - SAST, SCA, IaC, Containers & DAST for all Egress productsInvestigate SIEM alerts, working with the Engineering and Operations teams to resolve issuesManaging vetting applications, supplier onboarding and security awareness programmesPlan and manage 3rd party penetration testing Support customer requests for information (RFI) on security related questionsManage supply chain securityIdentify and contribute to our continuous improvement planThe PersonAs a member of the SecOps team, you will work in a hybrid environment both independently and as part of a team, typically in the office 2 days per week. You should have experience of security in a cloud environment (Azure or AWS), using technical knowledge to investigate and manage security incidents.Ideally experience in at least one of the following:Reviewing vulnerabilities found in code analysis tools and liaising with development/engineering to prioritise the resolutionSOC investigation of security events in a SIEM (e.g. Azure Sentinel, Splunk etc)A basic knowledge and desire to learn python, to automate day to day tasks.You should have good prioritisation and organisational skills whilst able to stay calm in the event of a high priority incident. You will need to be able to articulate your findings in a persuasive manner and apply good problem-solving skills.What rewards and benefits would I get in this role?25 days annual leave Private MedicalFree breakfastsPension schemeCycle to work discount schemeRegular Charity events & fundraisersAnnually funded company kick-off eventManagement/Peer recognition programmes with rewards The CompanyWe are proud of our uniquely agile, effervescent, and people-focused equal opportunity environment. Our core values of Own it, Be bold, Do the right thing & Be a bar raiser run through everyone who works for us, and everything we do.We have been recognised as one of the best workplaces in the prestigious Great Place to Work award scheme, highlighting our commitment to fostering an exceptional employee environment. The atmosphere across the business is friendly and supportive, with a constant desire to improve in everything we do! We fund bi-annual paid for social activities as our offices continue to get busier! For those who are working remotely, we can’t promise the coffee you have in your kitchen will be as good as the free ones we have in the offices but the people you share it with will be just as warm and welcoming.Diversity, Equity and InclusionHere at Egress, we are committed to diversity, equity and inclusion. Our workforce has consistently sat above the national average for both BAME and Female representation, but we recognise that we can always do more. Every job description is subject to scrutiny through a gender bias decoder ensuring our roles are as inclusive and attractive as possible. Our culture is one that aims to nurture a welcoming and safe working environment for everyone with initiatives such as our Diversity & Belonging forum, dedicated mental health first aider network and regular awareness seminars all contributing to a great place to work whoever you are.Find out more here - https://www.egress.com/en-us/environment-social-governance/diversityPrivacy and Your DataPlease take the time to check and read our recruitment privacy policy – you can find it at www.egress.com/legal/recruitment-privacy. The information you provide to us when you apply will be held, stored and processed by Egress Software Technologies Limited in accordance with it.Any job offer that we may make to you will be subject to you successfully passing background checks.