Job Details: Security Operations Officer
Full details of the job. Vacancy Name:
Security Operations Officer Vacancy No:
VN474 Employment Type:
Full-Time Location:
Office Based - Borehamwood About Us: Our Mission Happy, healthy pets, make for happy, healthy people. We aim to strengthen the unique bond between pets and their parents through our innovative products and services, enabled by brilliant colleagues who embody our values of performance, exploration, togetherness, and sustainability. The Security Operations Officer
is engaged primarily to maintain and enhance the security posture of Pinnacle Pet UK's IT infrastructure through vigilant monitoring, managing, and remediation of security threats and vulnerabilities. The Security Operations (SecOps) Officer will work independently alongside the Global Security Officer / CISO, a managed security operation centre, the wider IT team, and Pinnacle Pet UK business areas. Your scope of activity will include: IT estate security compliance monitoring Vulnerability management Security incident management Defining and maintaining security procedures and corresponding documentation. Responding to various requests and queries from the wider business Management of various security alerts Integration of cyber threat intelligence (CTI) feeds Producing various security reporting Key Responsibilities: Security Compliance Monitoring:
Monthly assessment and reporting on the compliance levels of IT assets regarding security standards including hardening, patching, and antivirus measures (tool: Defender and Intune). Vulnerability Management:
Proactively conduct regular internal (tool: Defender for Vulnerability Management) and external vulnerability (tool: Qualys WAS / VM) scans and coordinate effective reporting and remediation strategies in line with SLA’s associated to severity of detection. Security Incident Management:
Efficiently manage security incidents and investigations to minimize impact on the organisation’s operations. Working alongside the managed SoC service, take local lead role on security incidents and investigations, providing timely and effective response to security breaches and potential threats. Cybersecurity Integration:
Enhance existing cybersecurity measures by integrating cutting-edge cyber threat intelligence (CTI) feeds and tools. Security Awareness and Training:
Develop and deliver comprehensive security training and awareness programs to all staff members to mitigate risks associated with social engineering and other human-factor vulnerabilities. Azure tooling uplift:
Enhance existing SecOps processes to adopt and utilise new tooling available via the new Pinnacle Pet UK Azure cloud environment. Oversee the deployment and enhancement of new and existing security tools and technologies, ensuring they are optimized to protect the organization’s assets. Service Now Incident and Request Security SME:
Assisting the wider business on topics related to security while ensuring compliance to the security policies, such as management of reported social engineering attempts, web-filter and firewall change requests. Policy and Procedure Maintenance:
Keep up-to-date security procedures and policies under the responsibility of the SecOps role, ensuring they reflect current best practices and compliance requirements. Security Assurance and Risk Management:
Support both internal and external security reviews and manage the implementation of recommendations to mitigate identified risks. Successful Candidates Will Have: Essential: • IT Skills, including knowledge of computer networks, operating systems, software and security. • Experience with Service Now, Qualys WAS/VM, Zscaler, Purview, Defender Suite, Intune and Azure Sentinel. • Knowledge of the latest information security vulnerabilities and appropriate counter measures. • Understanding of available cyber threat intelligence feeds and integration/alignment with security operations. • A proven understanding of best practices for Incident handling, security investigation processes and techniques, as well as, ability to maintain playbooks. • Understanding of common security vulnerabilities, and tools used for identifying, reporting and analysing. • Candidate must be well versed with OWASP, NCSC, NVD, CVSS scores, CIS20. • Effective communication and documentation skills to both technical and non-technical staff and stakeholders. Desirable: • Experience with attack monitoring and Intrusion Prevention (IDS/IPS), SIEM, ATT&K, Firewalls, Identity and Access Management (IAM), Anti-Virus & Patch management, CASB, especially within Azure cloud environment. • Understanding of cybersecurity frameworks such as, NIST and ISO27001. Required Qualifications: Essential: • Minimum 2 years experience working in an equivalent security related role. • IT or Security related degree or relevant industry qualifications such as CompTIA Security+. Desirable: • Information Security qualifications such as CISSP, CISA, CISM, CIS20, or equivalent. • One or more of the following Microsoft Azure certifications: AZ-500, MS-500, SC-200, SC-100, or equivalent.
#J-18808-Ljbffr
Full details of the job. Vacancy Name:
Security Operations Officer Vacancy No:
VN474 Employment Type:
Full-Time Location:
Office Based - Borehamwood About Us: Our Mission Happy, healthy pets, make for happy, healthy people. We aim to strengthen the unique bond between pets and their parents through our innovative products and services, enabled by brilliant colleagues who embody our values of performance, exploration, togetherness, and sustainability. The Security Operations Officer
is engaged primarily to maintain and enhance the security posture of Pinnacle Pet UK's IT infrastructure through vigilant monitoring, managing, and remediation of security threats and vulnerabilities. The Security Operations (SecOps) Officer will work independently alongside the Global Security Officer / CISO, a managed security operation centre, the wider IT team, and Pinnacle Pet UK business areas. Your scope of activity will include: IT estate security compliance monitoring Vulnerability management Security incident management Defining and maintaining security procedures and corresponding documentation. Responding to various requests and queries from the wider business Management of various security alerts Integration of cyber threat intelligence (CTI) feeds Producing various security reporting Key Responsibilities: Security Compliance Monitoring:
Monthly assessment and reporting on the compliance levels of IT assets regarding security standards including hardening, patching, and antivirus measures (tool: Defender and Intune). Vulnerability Management:
Proactively conduct regular internal (tool: Defender for Vulnerability Management) and external vulnerability (tool: Qualys WAS / VM) scans and coordinate effective reporting and remediation strategies in line with SLA’s associated to severity of detection. Security Incident Management:
Efficiently manage security incidents and investigations to minimize impact on the organisation’s operations. Working alongside the managed SoC service, take local lead role on security incidents and investigations, providing timely and effective response to security breaches and potential threats. Cybersecurity Integration:
Enhance existing cybersecurity measures by integrating cutting-edge cyber threat intelligence (CTI) feeds and tools. Security Awareness and Training:
Develop and deliver comprehensive security training and awareness programs to all staff members to mitigate risks associated with social engineering and other human-factor vulnerabilities. Azure tooling uplift:
Enhance existing SecOps processes to adopt and utilise new tooling available via the new Pinnacle Pet UK Azure cloud environment. Oversee the deployment and enhancement of new and existing security tools and technologies, ensuring they are optimized to protect the organization’s assets. Service Now Incident and Request Security SME:
Assisting the wider business on topics related to security while ensuring compliance to the security policies, such as management of reported social engineering attempts, web-filter and firewall change requests. Policy and Procedure Maintenance:
Keep up-to-date security procedures and policies under the responsibility of the SecOps role, ensuring they reflect current best practices and compliance requirements. Security Assurance and Risk Management:
Support both internal and external security reviews and manage the implementation of recommendations to mitigate identified risks. Successful Candidates Will Have: Essential: • IT Skills, including knowledge of computer networks, operating systems, software and security. • Experience with Service Now, Qualys WAS/VM, Zscaler, Purview, Defender Suite, Intune and Azure Sentinel. • Knowledge of the latest information security vulnerabilities and appropriate counter measures. • Understanding of available cyber threat intelligence feeds and integration/alignment with security operations. • A proven understanding of best practices for Incident handling, security investigation processes and techniques, as well as, ability to maintain playbooks. • Understanding of common security vulnerabilities, and tools used for identifying, reporting and analysing. • Candidate must be well versed with OWASP, NCSC, NVD, CVSS scores, CIS20. • Effective communication and documentation skills to both technical and non-technical staff and stakeholders. Desirable: • Experience with attack monitoring and Intrusion Prevention (IDS/IPS), SIEM, ATT&K, Firewalls, Identity and Access Management (IAM), Anti-Virus & Patch management, CASB, especially within Azure cloud environment. • Understanding of cybersecurity frameworks such as, NIST and ISO27001. Required Qualifications: Essential: • Minimum 2 years experience working in an equivalent security related role. • IT or Security related degree or relevant industry qualifications such as CompTIA Security+. Desirable: • Information Security qualifications such as CISSP, CISA, CISM, CIS20, or equivalent. • One or more of the following Microsoft Azure certifications: AZ-500, MS-500, SC-200, SC-100, or equivalent.
#J-18808-Ljbffr
