- 99 City Rd, London, UK Full-time
- Level: Employee - Standard
Inmarsat has been at the forefront of global mobile satellite communications for over forty years, and is the market leading provider of voice and high-speed data communications for users on land, at sea and in the air through its constellation of 13 geostationary satellites. Inmarsat plc is a FTSE listed company with a profitable track record and significant growth aspirations. This is represented by more than 55 nationalities in the workforce, reflecting the global and dynamic nature of the business. With an investment of over $3 billion in its latest network infrastructure, Inmarsat is at the forefront of global mobile communications innovation.
Chief Operations Office
Inmarsat’s Chief Operations Office (COO) plays a vital role managing the services that keep our business running and delivering to our customers. COO consists of 9 functions from Satellite Operations to Customer Service and Service Delivery, Network Operations and Service Assurance to Group IT, One IT, Cyber Security and the Digital office.
Primary role purpose:
Inmarsat Group Operation (COO) manages all of Inmarsat’s communications networks, which provides data communications to various sites and systems as part of Business Infrastructure and Revenue earning systems. These networks are critical to Inmarsat’s revenue generation and have to be treated as such to provide secure, resilient and timely movement of data. The networks are being expanded as new Inmarsat offices are opened, new systems implemented, new requirements formulated, and to meet current industry standards and best practises.
As part of this network expansion we are looking for a 24x7 Security Analyst (Incident Handler) who will conduct vulnerability assessments and monitor systems, networks, databases and Web hosted services for potential system breaches
Key responsibilities of the position
- Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System. Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response
- Report, investigate and resolve security incidents. Educate and communicate security requirements and procedures to all users and new employees
- Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events
- Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT
- Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform
- Document information security operations policies, process and procedures.
- Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability. Following a documented process for routine scanning of Inmarsat infrastructure and network elements.
- Develop mitigation and remediation plans as a result of the vulnerability assessment findings
- Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyse reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs)
- Recommend changes to enhance systems security and prevent unauthorised access. Research security trends, new methods and techniques used in unauthorised access of data in order to pre-emptively eliminate the possibility of system breach. Ensure compliance with regulations and privacy laws
- The post will require rotating 24X7 shift work to include daytime, night time, and weekend work
Essential Knowledge and Skills:
- Ability to perform rotating shift work
- A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis
- Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false-positives
- SANS Global Information Assurance Certification (GIAC), SANS Certified Incident Handler (GCIH), SANS GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous
- Intermediate knowledge of Information Security fundamentals, technologies, and design principals
- Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms
- Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents
- Experience in using vulnerability Assessment (VA) scanners to identify network and platform risks and mis-configurations
- Willingness to learn new skills and be self-motivated
- Ability to work in a team environment, to work under pressure and show flexibility
- Excellent verbal and written communication skills in English
You must be eligible to work in this location advertised.
Our values define Inmarsat’s culture and represent what we believe in. Inmarsat employees aspire to certain behaviours which support our corporate values, they create a stronger working environment and lie at the heart of our continued success as an organisation.
- Accountability – taking ownership, getting results and keeping our promises
- Respect – collaborating, embracing diversity and valuing differences
- Excellence – creating bold solutions for our customers and putting quality at the heart of everything we do