The Security Operations Analyst is a member of the Paddy Power Betfair security team, reporting to the Security Operations Manager.
The Security Operations Analyst is responsible for the day-to-day security monitoring of Paddy Power Betfair’s enterprise information systems, including vulnerability monitoring and attack detection. The team ensures that information security threats and incidents are detected quickly, responded to swiftly and efficiently, and contained so as to minimise the impact to the organisation.
The security operations function will be required to service our business 24x7. To meet this requirement, shift, holiday and weekend work will be required.
• 1st level processing of security alerts from attack detection tools.
• Escalate and support potential security incidents in line with appropriate processes
• Incident response handler and first responder
• Managing and monitoring other key security tools
• Complete daily standard operation procedures and follow up actions
• Work on security related requests
• Create and interpret regular and ad hoc security reports
• Continuous focus on service improvement
• Intrusion Detection System (IDS) monitoring and Netflow analysis
• Security incident response – ability to verify and assess security events and respond to incidents
• Overview understanding of ICT systems and technologies (e.g. Linux and Windows operating systems, TCP/IP networking, DNS, virtualization, content filtering, etc.)
• Focused on delivering good customer service – responding to requests within required timeframes, proactively providing regular updates, driving rapid resolution of requests
• Defining and delivering continuous service improvement, whilst contributing to the continued delivery of day-to-day services
• Ability to quickly understand and adapt to a complex, rapidly changing, global organisation, e.g. changing organisational structure and stakeholders
• Working effectively with a variety of stakeholders from different technology and business teams
• Excellent English verbal and written communication skills
• Experience with a SIEM tool such as Splunk, ArcSight, QRadar, etc.
• Good prioritization skills with multitasking in a fast-paced environment
• Ability to work with a low to medium level of supervision, and can be relied upon to deliver good quality results by agreed deadlines
• Enthusiastic, with a drive to continue learning and developing new skills
• Previous experience working in an IT Security Operations role with knowledge and understanding of security principles, techniques and technologies
• Knowledge of Network and Server technologies and passionate about security
Commercial acumen: Understands how the business works and how the organisation makes money and stays competitive. Encourages diverse thinking to promote and nurture innovation. Articulates credible pictures and visions of possibilities that will create sustainable value.
Ability to drive change: Understands the roadmap and works with the team towards achieving the milestones. Relates to the organisation wide energy and optimism for the future and can disseminate these virtues throughout the company.
Business engagement and relationship management: Works cooperatively and partners with others across the organisation to get work done. Uses knowledge of business drivers to guide actions.