Global Security Analyst

Addison Lee is on a long-term journey to deliver a new consolidated global service, building on its world-leading regional ground transportation services. In support of this, our Global Operations needs to be secured and protected from increased cyber threats.

This role covers information protection, including data loss protection and data classification, and threat protection, including security information and event management (SIEM), user and entity behaviour analytics (UEBA), point products like anti-virus (AV) and intrusion detection system/intrusion prevention system (IDS/IPS) and penetration testing.

The Service Delivery team consists of approximately 40 staff who support and operate the Addison Lee Group internationally.

An opportunity has arisen for a Global Security Analyst to deliver all the security services across the Addison Lee Group.

Role Overview

  • To ensure that all Addison Lee Group security services are fit for purpose and managed effectively.
  • Proactively review and test global environments to ensure that ALG is protected from the changing threat of cyber crime
  • Key technology contact for all security alerts and notifications from operational security solutions
  • Addison Lee is ISO 27001 accredited and the candidate will be required to deliver the IT general controls to support the move to certification

Responsibilities:

  • Technical management for all Addison Lee Group security solutions, including all the 3rd party managed services
  • Maintain the overall security of Addison Lee’s network, systems, and data
  • Monitor security access and manage IDS/IPS configurations
  • Establishing and implementing security ‘best-practice’ standards as well as departmental policies and procedures
  • Responsible for Security scanning and the efficient remediation of vulnerabilities, as appropriate
  • Responsible for analysing all security incidents to determine root cause
  • Determine, recommend and implement upgrade security measures and controls
  • Delivery security responses for customer and client compliance requirements
  • Developing and managing security plans with vendors
  • Audit activities of administrators and conduct Security awareness training

Key Stakeholders:

Security Architect, Risk and Compliance, Managed Security suppliers, and the Operational Support teams.

Essential Attributes and experience:

  • Minimum 5 years of Security leadership and 3rd party management experience
  • CISSP certification preferred
  • Compliance knowledge required in ISO27001, PCI and GDPR, or similar. Possibly certified ethical hacker
  • Knowledge of Security technologies is required, such as network appliances, firewall administration, AD, IAM, PAM, SIEM, UEBA, AV, IDS/IPS and MDM solutions
  • Understanding of common frameworks, such as ITIL or LEAN is preferred
  • Good exposure of user environment management, including desktops/laptops, profile management, access control methodologies
  • Must be very proactive in understanding and staying up-to-date in current security technologies and industry technology trends

Hours

Normal hours cover 8am to 6pm, Monday to Friday.

Special Circumstances

From time to time it may be necessary for the jobholder to be flexible in meeting the needs of the company and its customers. This may require the jobholder to work extra hours or carry out other duties, which are not listed in this description.

Apply