What is the purpose of the role?
Working in the operational security function, your primary responsibility is helping to protect the organisation from threats and vulnerabilities. This means monitoring threat intelligence feeds and researching vulnerabilities to identify business impact, identifying patch requirements, hunting for threats, investigating alerts raised by monitoring platforms and working issues through to completion. Processes are important: they define how our team functions and what we provide to the business. You'll have input into creating new processes, keeping them up to date, ensuring that our systems are compliant and that status is accurately reported. You'll contribute knowledge base and training material to assist other team members. You'll need to ensure that the tools our team uses to track down vulnerabilities are working correctly, and that logs are going where they should and coming from where they should.
What makes this role unique?
As part of our exciting plans, the IT operations team structure is growing to strengthen and increase our in-house capability and capacity. The areas of expertise we're looking for are focused on the end-to-end service management of our IT services. This is a chance for you to work in our innovative creative office space where you will be able to visually demonstrate your skills, ideas and insights openly. This is a challenging role which requires you to help deliver the best next-generation services to all our customers. You will be part of a new team creating our own in-house multi-million pound ITIL service management framework. You will be involved in continuously improving our service for our current and future long-term vision.
What will this role involve?
The core functions of the security function are to detect and respond to security issues on the estate and to work with the technical leads to resolve issues.
This will involve vulnerability, incident, threat and configuration management.
You will monitor the ingress and egress points of the network to prevent data loss, analyse security events and provide root cause analysis to interested parties.
What are we looking for?
Your mindset is the most important thing: you need to be keen to learn, want to investigate and want to turn over that stone to find out why something is happening. You will be hungry to hunt and find the solution to any threat to our systems, and persistent in asking questions to help find the answer and solution to the security breach. Working under very tight timelines, you will be able to source the solution to the incident and threat quickly. You will have a keen interest in technology and a decent understanding of how the things you support hang together.
You may have worked on a helpdesk, supported users and maybe servers or networks; you should have previous experience in a SOC or an equivalent role. You have excellent communication skills, both verbal and written, and can explain your findings to a variety of audiences. You keep up to date with the latest threats or vulnerabilities and enjoy the challenge of a CTF or reverse engineering malware. We are looking for someone with comparable experience in a similar role with excellent communication skills. All applicants must be competent in decision-making, problem-solving, team building, negotiation, conflict management and time management. You must have excellent communication skills and experience in vulnerability management, incident response and threat hunting.
Essential technical skills: You need to have experience with SIEM solutions, and understand what they do and how they work. You need experience of threat detection and investigation, and an understanding of malware, its possible methods of introduction and indicators of infection. You need a good understanding of network protocols and troubleshooting, and experience of incident management. Exposure to CyberArk, threat hunting and malware reverse engineering is a bonus. Your previous experience could be a tier 2 analyst type role in a SOC (service operations centre) or NOC (network operations centre) looking for and delivering solutions. In previous roles you may have gained experience of working with Microsoft Windows, Unix, Solaris, Red Hat, Check Point firewall, IBM QRadar, or SAP vulnerability software. This role offers an excellent work-life balance, with working hours of 9:00 to 17:00 Monday to Friday.
Thames Water information and salary details
This role is based at our offices in Reading. We are offering a salary of between £39,100 and £52,900, dependent on skills and experience. Our competitive salary package includes an excellent contributory pension and holiday scheme and a wider benefits scheme which includes an annual pay review, season ticket loans plus discounts at a wide range of retailers via Benefits on Taps.
Thames Water is an equal opportunity, Disability Confident, and Stonewall diversity champion employer.
Closing Date: The closing date for applications is 21/9/2018.