The Senior Security Operations Analyst is a member of the Paddy Power Betfair security team, reporting to the Security Operations Manager.
The Security Operations Analyst is responsible for the day-to-day security monitoring of Paddy Power Betfair’s enterprise information systems, including vulnerability monitoring and attack detection. The team ensures that information security threats and incidents are detected quickly, responded to swiftly and efficiently, and contained so as to minimize the impact to the organization.
The Senior Security Operations Analyst is expected to support a 24x7x365 Security Operations Center (SOC) environment and collaborate with members of the CTI, Enterprise Infrastructure, Application Security and Infrastructure Security teams. As the subject matter expert for multiple technologies, the Senior Security Operations Analyst plays a critical role and is responsible for being a liaison and driver of our security solutions. The Senior Security Operations Analyst is expected to plan, coordinate and implement new processes and procedures and to enhance the SOC team's capabilities. Finally, the Senior Security Operations Analyst will be the L3 escalation point for issues encountered by the SOC team, both in their day-to-day work and in analytics for advanced security scenarios.
The working hours for a Senior Security Operations Analyst are the business hours for the Australian (Melbourne) office.
- Prioritizes own work and may have duties instructing, directing, assigning and overseeing work of less senior engineers
- Operates as a lead contributor in the support of IT projects and services from a technical security perspective
- Authors and distributes technology white papers
- Creates and delivers presentations to technical and non-technical audiences
- Monitors and assesses vendor and 3rd party information security reports/lists
- Reviews and recommends changes to information security policies
- Designs, develops or recommends security systems solutions for protection of proprietary/confidential data and systems
- Provides analysis of potential risk to network security and recommends solutions by potentially modifying network security policies
- Supports potential security incidents in line with appropriate processes
- Acts as incident response handler
- Provides break/fix support for IDS and NetFlow analysis tools
- Managing and monitoring other key security tools
- Complete daily standard operation procedures and follow up actions
- Create and interpret regular and ad-hoc security reports
- Continuous focus on service improvement
- Contribute to security engineering activities e.g. supporting maintenance, improvements, and potentially replacements of monitoring technologies as they reach end of life
- Thorough understanding of the OSI model is required
- Strong knowledge of application layer security and architecture is desired
- Extensive experience with Linux, UNIX, Windows operating systems
- Thorough understanding of network services, exploits, vulnerabilities and attacks, routing principles and networking fundamentals, well known protocols, command line interfaces
- Significant understanding of regular expressions
- Solid knowledge of Packet Analysis Tools (TCPDUMP, Wireshark, Ngrep, etc.)
- Keen ability to diagnose and troubleshoot technical issues, excellent problem-solving skills
- Scripting/programming skills a plus
- Ability to quickly understand and adapt to a complex, rapidly changing, global organization, e.g. changing organizational structure and stakeholders
- Multitasking in a fast-paced environment
- Working effectively with a variety of stakeholders from different technology and business areas
- Excellent English verbal and written communication skills
- Ability to work with a low level of supervision, and can be relied upon to deliver good quality results by agreed deadlines
- Experience using trouble ticketing
- Excellent organizational and communication skills are required
- Excellent interpersonal and client service skills are required
- Dedication to user service and passion for learning and security
- 10+ years of network and security experience (combined) or equivalent combination of education and experience.
- 5+ years of experience managing projects and deliverables
- Provides technical direction of product support as it pertains to process and automation
- Strong organizational skills and a personal framework for consistent, accurate and repeatable deliverables
- Strong communication skills – written and verbal, team player for both technical and non-technical audiences
- Ability to drive key initiatives, with minimal direction with strong interpersonal and client service skills
- Demonstrated experience in fostering collaboration, innovation, creativity and teamwork, analytical capabilities
- Strong analytical and problem-solving skills, providing solutions in a systematic and clear manner that is easily understood and followed by colleagues
- Expert level knowledge in Web Application Firewall platforms
- Working knowledge of the ITIL framework
- 10+ years of relevant experience or equivalent combination of education and work experience: undergraduate degree and 6-8 years of relevant experience, graduate degree and 4-6 years of relevant experience.
- ICND Certification, Linux Fundamentals, MCSA, CompTIA Security+, CEH are considered a plus
- GIAC, GCIA, GCIH, GWAPT, GSEC or similar certification a significant plus