Brief Description
Join Our Team as a Senior Operational Security Analyst! Are you passionate about cybersecurity and looking for a flexible, part-time opportunity? We're seeking a motivated, dependable, and collaborative Senior Operational Security Analyst to become a valued member of our team.
This role is perfect for individuals seeking part-time work with flexible working hours and an opportunity to make a meaningful impact. We welcome applicants from all backgrounds and encourage those with non-traditional career paths, diverse experiences, or unique perspectives to apply.
With your skills and experience you can help shape a secure environment for Network Rail in the following ways:
Provide Detection, Analysis, and Response: Monitor and respond to cybersecurity events for IT Infrastructure, including security monitoring, network, and cloud environments.
Strengthen Network and Cloud Security: Work to identify and mitigate risks in our network and cloud infrastructures.
Manage Threat and Vulnerability Services: Proactively assess and address vulnerabilities to ensure systems remain secure and resilient.
Collaborate Across Teams: Work closely with cross-functional teams to provide expert guidance on security measures and best practices.
Contribute to Security Monitoring: Utilise tools and technologies to oversee systems and identify potential threats before they impact operations.
About the role (External)
Provide technical leadership and comprehensive security operations support service to Route Services IT and promote best practice across delivery units.
1. Act as primary interface to delivery units to align and define working practice and workload within security operations.
2. Act as primary interface with Network Rail's suppliers, service providers and partners relating to the provision of operational security services.
3. Provide a comprehensive security operations support service focussed on the delivery units.
4. Monitor and strive to improve the technical competence of IT staff associated with security in specified delivery units.
5. Review and make recommendations on derogation and non-compliance to security related standards.
6. Review and monitor progression of potential improvements to security related standards from specified delivery units; provide feedback to the originators.
7. Provide advice and guidance to delivery units in the production of business-focussed changes, renewal or replacement proposals and approve them as appropriate.
8. Provide security operations input to IT projects and programmes.
9. Monitor and analyse the quality and performance of security controls and instigate corrective action as required.
10. Lead response to reported or suspected security incidents including collection and analysis of evidence to enable assessing and managing actions to mitigate future events and incidents.
Essential
11. Significant industry experience specific to Information Security.
12. Demonstrable knowledge of Networking, IT Infrastructure, IT Systems, and the Internet, including standard protocols, applications, and tools (TCP/IP, SMTP, Web Services & Applications, Database systems, Security vulnerability identification, Penetration Testing, password cracking, etc.)
13. Demonstrable experience of working within a standards and service level driven environment
14. Proven experience of administering technical security infrastructures
15. Experience in coordinating response to security incidents in large businesses.
16. Expert knowledge of Information Security principles, technology and threats
17. Experience leading small teams in delivering technical security systems.
18. Professional technical security certification or equivalent experience.
Desirable
19. Experience administering standard Intrusion Prevention/Detection Systems (QRadar, IBM ISS Site Protector, Cisco/Sourcefire IPS, Snort IP(D)S, etc.)
20. Experience with standard Vulnerability analysis tools (IBM ISS Security Scanner, Nessus, Nmap, OpenVAS, Retina, Qualys, etc.)
21. Experience administering standard SIEM tools (ArcSight, AlienVault, IBM QRadar, Splunk, Tripwire, Quest, NetIQ, etc.)
22. Awareness and understanding of British and international standards for security management and control
23. Experience of working in the rail industry