Security Analyst

  • Job Reference: REQ1968
  • Date Posted: 4 May 2022
  • Employer: SGN
  • Location: Horley, Surrey
  • Salary: On Application
  • Sector: Operations
  • Job Type: Permanent
  • Work Hours: Full Time

Job Description

Security Analyst

 

Location: Walton Park

Salary: Personal Contract (dependent on experience)

Reference: REQ1968

 

THE ROLE

 

Here at SGN we are currently looking for a Security Analyst who is responsible for ensuring the IT and OT networks are secure, managed and maintained in line with SGN policies and legal and regulatory requirements.

 

The Security Analyst will act as SGN Security Network subject matter expert and the primary contact liaising with Network CoE and third-party network providers.

 

You will also work with several teams including the architecture team, IT portfolio team, external SOC partners and project delivery team in ensuring that security improvements are embedded across all key areas.

 

You will possess technical security expertise coupled with a strong team focus, excellent communication, relationship building and influencing skills.

 

You must have a good understanding of Security Operations and related security tools such as Firewalls, VPN Gateway, SIEM, EDR, MDR, UEBA, DLP.  An understanding of cloud security is essential and experience and knowledge of Industrial Control Systems advantageous, but you will be provided with the opportunity to learn new technical and business skills.

 

Key responsibilities will include;

 

  • Network Security subject matter expert
  • Provide support to each of the Security functions, including OT Security, Governance Risk and Compliance, Security Assurance and Security Operations
  • Support the Security GRC lead, ensuring network security risks, mitigation and remediation options are fully documented
  • Provide assurance activities around internal and external network service provision. This comprises of supplier assurance activities, review of solutions, and network security controls assessments.
  • Ensure network security metrics as documented ad presented at monthly governance reviews
  • Engagement with the Security Architect, ensuring relevant network security policies and threat/risk profiles and included into secure architectural solutions that mitigate risks, conform to legislation and regulations and relate to business needs.
  • Providing relevant technical/nontechnical security support to Security Operations, including incident response
  • Be part on an On-call rota
  • Providing relevant technical/nontechnical security support to OT Security Lead
  • Work alongside and coordinate security activities with our third-party network vendors
  • Remain up to date on cutting-edge cloud technology.
  • Where required, propose solutions and coordinate delivery of mitigating actions to ensure risk levels are aligned with risk appetite.
  • Operate collaboratively with the wider Corporate IT team to ensure firewalls are managed and maintained, including revalidation of firewalls rules, identifying vulnerabilities and ensuing firewalls are patched and up to date
  • Support penetration testing against networks
  • Ensure security policies enforced (e.g. patching policies) and Security Operating Procedures in respect of system and/or network management.
  • Undertakes routine technical vulnerability assessments
  • Support internal and External audits
  • Ensure network activity is monitored to identify potential intrusion or other anomalous behaviour and an appropriate response is taken, escalating as necessary.
  • Where required, provide relevant technical/nontechnical security support to the wider SGN Security team and wider SGN organisation, including the SGN CISO, Security Operations, Security Risk Management and Security Assurance
  • Operate collaboratively with the IT Security Leads and the wider Corporate IT team to deliver the required solutions.

 

CULTURE/BENEFITS

 

This role will offer plenty of genuine learning and development opportunities, as well as a competitive salary with company benefits including retail & leisure discounts, HolidayPlus & Cycle2work schemes, gym & mobile discounts, a pension scheme, and more.

 

Fostering a diverse and inclusive culture is something we pride ourselves on at SGN. We want our workplace to be an innovative and inclusive place to work, where every single person feels empowered to achieve professional success.

 

WHAT YOU’LL BRING

 

The individual should be educated to degree level in a relevant discipline. Must be CISM/CISSP/CCSP/TOGAF/CRISC/AWS Solution Architect or equivalent certified or willing to undergo certification on the job.

 

We are also looking for:

 

  • Must have expertise in Cloud (IaaS, Paas, SaaS), in particular AWS and Azure
  • Must have proven expertise in three of the following security domain areas; Vulnerability Assessment and Management, Security Risk and Compliance, Cloud Security Architecture, Application Security, Security Operations Centre and Investigations, Incident Management and Security Engineering
  • Must have 1-2 years’ cyber security experience
  • Good understanding and practical experience of Cyber Security Frameworks and standards such as NCSC security principles, NIST Framework, ISO 27001, ISO27005, IEC62443 etc.
  • Good understanding of Cyber Assurance Framework and experience with working with Regulators and providing compliance updates for OT environment

 

Desirable:

 

  • Experience or knowledge of Industrial Controls System (ICS)

     

    Skills that will help you in the role:

     

  • The suitable candidate must be a highly motivated individual
  • A proven track record as a cyber security subject matter expertise in this or other organisations is a prerequisite requirement.
  • The role will require a significant attention to detail and ability to work with both a strategic, Director level as well as working with subject matter experts on detailed design issues and application, integration and data modelling.
  • The successful candidate will be required to be an excellent communicator and not averse to dealing with conflict management and decision making on a regular basis.

 

Key skills and Behaviours:

 

  • Able to coach and motivate teams to deliver results under pressure or with conflicting demands
  • Good at challenging and support their teams on self -development and keeping up to date with technology
  • Attention to detail
  • Good interpersonal and communication skills.
  • Collaborative team player.
  • Ability to lead and take control when required to do so
  • Assertive and driven
  • Good at building rapport and influencing at all levels
  • High energy and a desire to succeed

 

Not a perfect skills match? Tell us what you’re interested in – you might have a skill we didn’t realise we needed!

 

WHO WE ARE

 

We’re on a journey to transform the future of gas and we think outside the box – futuristic technologies and robotics are leading our innovation. Keeping our customers safe and warm is what we do but beyond that, we want to make the world a better place, which is why we’re passionate about helping in our communities, reducing our carbon footprint and driving innovation in our industry.

 

At SGN, we strive to sustain our world through managing the network that distributes natural and green gas across the south of England and Scotland. We have an important responsibility to keep the gas flowing to 5.9 million homes and businesses. Your work directly impacts SGNs commitments to keeping our customers’ homes and businesses safe.

 

We’re quick to deliver and we may not always wait until the job advert expires before reviewing applications. We recommend you submit your application as soon as possible so we can continue the conversation…