Senior Cyber Security Analyst

London, United Kingdom
Technology – Security
Full-Time
Technology. Award-winning customer service. Bleeding-edge data ability.

Simply Business is a new type of insurance company, using all of the above  to create the best possible insurance experience for small businesses and self-employed people.

We love working here, and have even taken the number one spot in the  Sunday Times Best Company To Work For 2015 and 16 lists; we’ve stopped entering now to focus on a few bigger projects, but you get the idea.
It’s a great place towork.

There are currently over 500,000 active Simply Business insurance policies in the UK alone. And we have offices in London, Northampton and Boston,USA.

Talking of offices, ours are bright, airy and geared up for really smart  working. We’re flexible, with plenty of remote workers coming in and out,  and we believe work and life should be hand in hand, rather than a juggling  act. So no need to worry about school pick-ups, or a horrible commute.

Our people are our most important asset, so we focus on building a working  life that helps us thrive, not stick. Join us and you’ll be part of our journey  to creating something even better, for our customers and ourselves.

We need a Senior Cyber Security Analyst to join us in London.

When you join Simply Business, you’ll protect us from threat actors who attempt to evade our cyber defenses. This is a hands-on technical position where you’ll play an important role in increasing the maturity of our Security Operations Centre (SOC).

Additionally, you’ll need a strong drive and willingness to learn and grow. You’ll be in a rapidly evolving environment, which will bring new challenges and opportunities for growth on a regular basis. You’ll be empowered to develop and explore your unique passion for cyber security operations.

As a Senior Cyber Security Analyst you will:

    • Be the face of InfoSec within the business. You’ll address security issues as an enabler, not a blocker, by working proactively with all teams and baking security into our tech
    • Articulate the ‘why’ behind what we do to technical and non-technical colleagues
    • Contribute in establishing a security culture throughout the business and enjoy autonomy and flexibility to experiment on ideas that could help improve InfoSec as a whole

Responsibilities include:

    • Proactively identifying and responding to potential security incidents within Simply Business’ estate, leading the response following predefined playbooks
    • Leading process improvements, delivering increased capability to detect threats and respond appropriately
    • Providing an escalation path for analysts within the team
    • Supporting the SOC Manager with technical leadership, supporting, training and mentoring analysts within the team
    • Leading threat intelligence capability development using industry leading technologies
    • Developing and improving incident response playbooks using the latest orchestration and automation tooling
    • Scrutinising operational processes, improving where necessary, and ensuring operational documentation is accurate and up to date
    • Contributing to the development of new tools, techniques, and approaches

What we are looking for:

    • Must be an SME in one of the following areas: Security Incident Response, SIEM, SOAR tooling, Vulnerability Management, threat intelligence feeds and process
    • Deep understanding of networks including common devices, protocols, and architecture
    • Deep understanding of the Cyber Attack Lifecycle or common attack types (eg Insider Threat, Phishing, DDoS), and their associated methods
    • The ability to create and maintain SIEM correlation rules, signature creation for supported IDPS and Endpoint Protection products, with a particular emphasis on threat hunting related rule creation and searches
    • Knowledge of scripting languages, and automation/orchestration methods to assist in reducing repeatable SOC processes
    • Exceptional analytical mindset and keen attention to detail

Great to haves:

    • Experience in threat hunting and threat management
    • A background in penetration testing, such as in a purple team
    • Data loss prevention tooling experience
    • Information security based qualification such as CISSP, GMON, SSCP, Sec+
We want to meet you
At Simply Business, we pride ourselves on having a diverse workforce. Unfortunately, research has shown that some candidates, particularly women and people from other underrepresented groups, are put off applying for a job if they don’t fit every single one of the criteria.

But hiring at Simply Business isn’t a box ticking exercise – we’re much more interested in meeting people who’re excited to work with us. So if this job appeals to you and you think you’d be a good fit, send us your CV. With any luck we’ll be seeing you at interview soon.

What are the benefits?

There’s all the serious (but important) stuff we call ‘core benefits’. On top of that, you can pick and choose from the more exciting options we offer – whether it’s a full gym membership or gym subsidy, comprehensive private health cover, extra holiday, or a National Trust pass. 

The ‘core’ stuff
Some of these will kick in once you’re confirmed in post, but here’s the summary:
• a salary that reflects your experience, our pay policy and the market we’re in from your first day, generous annual leave
• life assurance (financial cover for your family, should the worst happen)
• a cash plan to reimburse your everyday medical expenses
• an extra day off if you get married or move house
• an automatic enrollment pension (employer-matched at 5%) 

The fun stuff
Passed probation? Time to pick and mix from things like:
• a full gym membership
• private medical insurance
• extra days annual leave
• shopping vouchers
• dental insurance
• travel insurance

But there’s so much more to Simply Business than insurance and memberships. We also commit to flexible working options, smart working (our offices are kitted out for you to work when and how you choose), cycle to work, eye test vouchers, and season ticket loan schemes, and we have a handy online form to put in any training or conference requests.

Best of all, though, are the groups, clubs, and adventures that come with the Simply Business territory. Forget a simple Give As You Earn scheme (although we’ve got that too) – we trek the Sahara for charity, take you on weekends away, throw epic summer parties, and meet up for book groups, public speaking coaching, yoga, manicures, beer brewing, and lots, lots more.

Our values

Everything we do comes down to these five values – empowerment, authenticity, simplicity, learning and pioneering.

In practice, these will mean something unique to every  person at Simply Business, but if you’re considering working here, give them some thought. They’re at the heart of our story.

Empowerment
We believe in our people and the positive impact they can have so we enable everyone to stretchthemselves

Authenticity
We celebrate diversity, avoid jargon and genuinely care about helping small businesses thrive

Simplicity
We attempt to simplify complex solutions to save our customerstime andeffort

Learning
We’re never done learning about new possibilities and act to explore them

Pioneering
We’re obsessed with finding new ways to create even better  experiences