Arriva is a leading provider of passenger transport across Europe, employing around 34,400 people and delivering around 1.6 billion passenger journeys. With buses, trains, coaches, trams, waterbuses, bike-sharing systems, on-demand transport solutions and a rolling stock leasing company, Arriva proudly connects people and communities safely, reliably and sustainably across 11 countries.
We’re hiring for an IT Security Operations Engineer to join our IT Services Security team.
The IT Security Operations Engineer will play a crucial role in ensuring the effectiveness of technical security controls across Arriva, protecting the business from cyber risks and driving efficiencies in both the deployment and ongoing management of these controls.
Working closely with the Group Head of Security Operations, you will support the validation and oversight of security controls within Arriva’s Group IT operations, helping to ensure risk management and compliance across the organisation. You will also have a particular focus on the delivery and support of EDR/SIEM services, serving as the primary point of contact for both implementation and day-to-day operations.
This role can be based at either our Sunderland (Doxford) or Leicester (Thurmaston) office for a minimum of 2 days per week, with the rest of the week focused on where you can best deliver. The role operates Monday to Friday, 35 hours per week with 1 hour lunch per day. Please note, travel will be expected several times a month between our Sunderland (Doxford), Leicester (Thurmaston), and London (Lacon) offices.
Key responsibilities of the role:
* Ensuring the day-to-day running of IT security on the Arriva Group estate is functioning and acting as an adequate technical security control.
* Managing IT security controls on the Arriva Group estate and ensuring those managing them are competent and supported.
* Working with outsourced security suppliers to manage security services not provided in-house.
* Defining and implementing a KPI framework to measure effectiveness of controls and providing regular reporting.
* Supporting vulnerability assessments and management services to the business.
* Supporting the maturity and operations of the Security Operations Centre (SOC).
* Running monitoring systems for intrusion detection and prevention; acting as the first line of incident response/escalation.
* Investigating suspected and actual security incidents, producing reports with recommendations.
* Managing the Security Information and Event Management system (SIEM) and ensuring appropriate actions are taken.
* Auditing identity and access control systems.
* Leading the implementation of a zero-trust identity framework including multifactor authentication, Privileged Identity Management (PIM), and Conditional Access.
* Leading the implementation of Endpoint security solutions across Arriva.
* Working with operational teams to support incident response resolutions.
* Developing strong working relationships across all Arriva Business functions and its supplier base.
* Understanding and driving vendor relationships for Cyber Security products or services.
* Assessing the security impact of changes to the UK service.
* Coordinating remediation activities with UK and Europe business IT functions.
* Supporting the IT Security elements of Arriva’s move towards cloud-based solutions.
* Reporting any live UK services security concerns to the SOC.
* Supporting cyber breach response out of hours when required.
What we'd like from you!
We're seeking individuals with a background in technical services and security controls, with in-depth knowledge of IT Security, including Cyber Security, Identity and Access Management, Authentication and Single Sign-On, Network Protection, SIEM technologies, and Office365.
You will have experience in managing security testing requirements and possess excellent written and verbal communication skills. Strong project management skills are essential, along with the ability to establish and maintain effective working relationships with key stakeholders.
Candidates must also:
* Understand the diverse technologies in place within IT Services.
* Possess robust project management skills.
* Encourage and contribute to a learning environment.
Knowledge of Rapid7 and Microsoft security tooling is highly desirable, as is knowledge of Sophos and experience with Operational Technology (OT).
What we can offer you:
* True hybrid working.
* Life Assurance and access to a large network of medical professionals.
* 25 days holidays and statutory bank holidays (pro rata for mid-year joiners).
* Access to our Employee Assistance Programme (EAP).
* Discounts and cash back through ‘The Village’ – our Online Reward Gateway.
* Opportunity to join our Employee Experience Forum.
* Opportunity to join a Global Arriva Inclusion Network (GAIN) group.
* Free Arriva bus travel for you and immediate family outside of London – T&Cs apply.
* A supportive team environment.
Why work for us?
Arriva is a people-focused business, striving to create a culture where we can all be ourselves, where we belong, feel respected, and our differences celebrated.
The closing date for applications is Tuesday 18 February 2025. Arriva Group reserves the right to close this vacancy early.