安全运营分析师

Job Description

As Security Operations Analyst you'll be responsible for coordinating and executing a range of security services within the Cyber Fusion Centre focusing on Vulnerability Management. The wider team covers Threat Intelligence, Incident Response, Event Monitoring, Security Device Configuration, Security Testing, Digital Forensics, Threat Hunting and Threat Reporting.

What you'll be doing

You'll coordinate with Local and Global Security Teams and be responsible for the discovery of vulnerabilities and driving remediation via various teams within ScottishPower. You will create and embed new processes and services team to ensure the successful delivery and operation of the vulnerability management programme required by the UK Cyber Fusion Centre.

You will manage day to day coordination of supplier activity in relation to various operational security services such as penetration testing, red team exercises, vulnerability scanning and analysis for the UK, while providing expert input in the definition of a programme of security initiatives for inclusion in the Global Security Plan.

You will provide support to the rest of the Cyber Fusion Centre by coordinating activity in relation to the definition, build and support of the tools and services required by the Cyber Fusion Centre. Owning the delivery of appropriate support models for all vulnerability management tools, and the activity in relation to the definition and operation of the UK Cyber Security Incident Response Plan. You will assist in the coordination of regular testing of ScottishPower preparedness through internal simulation exercises and external Red Teams.

You will work closely with IT and OT security functions to ensure the delivery of security services and collation and distribution of vulnerability metrics where required.

What you'll bring

We are looking for you to bring experience of vulnerability management in an organisation of similar scope and scale to ScottishPower, with previous IT Security Operations experience in a Global organisation preferred. Specialist knowledge of IT Security as evidenced by relevant industry qualifications (e.g. LDR516, GCIH, CIH, CEH, PEN-200, OSCP) and experience in configuring and supporting security tools and managing activities relating to the understanding and dissemination of vulnerability risk to stakeholders.

Experience in coordinating with security service providers and security software suppliers and an awareness of key legislation and regulation impacting the delivery of IT Security, and understanding of OT Security challenges and solutions, along with being able to support SME input into Cyber Security Operations Strategies and Product Roadmaps. Bringing an understanding and awareness of working within a Vulnerability Management role, you will be able to work closely with the Vulnerability Manager to support business deliverables.

You'll possess excellent communication skills, comfortable working with all levels of stakeholder and able to build long lasting effective relationships with key stakeholders locally and globally. You'll have highly developed problem solving and delivery skills, and able to analyse complex issues and provide recommendations to solutions. You'll be able to distil technical issues into a form that can be easily digested by non-technical stakeholders and can influence and negotiate where appropriate.

The role operates as part of a global team and periodic travel to Spain and other company locations may be required.

Due to the nature of the role, the successful candidate will need to be able to obtain NSV SC clearance - You will need to have lived continuously in the United Kingdom for a period of 5 years before being eligible to meet the Minimum Residency Criteria

Skills and experience

• Skills and experience in understanding at a technical level security operations.
• Awareness of key legislation and regulation impacting IT/OT General Control requirements in an energy utility.
• Experience in SOC functions and operations, specifically within Vulnerability Management.
• Record of academic achievement, including some form of recognised qualification from further education, such as a degree or diploma.
• Good oral and written communication skills.
• Must be a proven team player to work, promote and consolidate efficient team working relationships.

What's in it for you

As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With our pension scheme, we'll double match your contribution up to a company contribution of 10%.

At ScottishPower, we believe it's the little things we do in life that make a big difference. From helping you look after your family's wellbeing, save for your future and take personal steps for climate action - our benefits are designed to help you do just that - so that you have everything you need to take care of your world - today and tomorrow. That's why our benefits include:

• 36 days annual leave
• Holiday Purchase - perfect your work/life balance with extra annual leave
• Share Schemes
• Payroll Giving and Charity Matched Funding
• Technology Vouchers - save more and spread the cost of your technology purchases
• Electric Vehicle Schemes - to help you transition to green/clean driving
• Cycle to Work scheme and Public Transport Season Ticket Loans
• Healthcare benefit options including: Dental Insurance, Private Medical Insurance, Health Cash Plan and annual Health Assessments
• Life Assurance (4x salary)
• Access to Savesmart financial wellbeing support
• Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more

Why ScottishPower

ScottishPower is part of the Iberdrola Group, one of the world's largest integrated utility companies and a world leader in wind energy. With a commitment to generate all of our energy from renewable resources and a drive to create the energy infrastructure of the future, we're at the forefront of the journey to Net Zero and investing over £6m every working day to make this happen. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation.

Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve. It takes all kinds of people to build a large-scale business like ours, so whatever your background, you'll fit right in.

ScottishPower is committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support.

Mobility

Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary Immigration requirements.