Overview:
Job Description

ABOUT US

IQUW is a speciality (re)insurer at Lloyd’s (Syndicate 1856) underwriting a diverse range of Property, Commercial and Speciality (re)insurance products from Cargo and Marine to Political Violence, Terror and War. We combine data, intelligent automation and human expertise to make smart decisions, fast.
ERS is the UK’s largest specialist motor insurer with an A+ rating. We recognise that for some, motor insurance is more than just a must-have; it’s a way of taking care of what stands at the heart of their passion or livelihood. For those people, standard insurance isn’t enough. That’s why we work exclusively with motor insurance brokers to help get under the skin of the most difficult insurance risks, helping build products to meet their customer’s needs.
IQUW Group has a hybrid working model that offers flexibility while maintaining opportunities for collaboration and connection with colleagues in person.
Our hybrid working model will consist of 3 days per week in the office and 2 days working remotely. Teams can coordinate specific in-office days to support collaboration and flexibility.

QUALIFICATIONS, SKILLS AND EXPERIENCE

• Relevant Cyber related Degree (desired)

• CompTIA Security+ (Essential)

• CISSP (not essential)
• Python (not essential but desirable)
• Experience working in a fast paced, data driven team
• Awareness of Attack Surface Monitoring and Threat Intelligence
• Solid understanding of ZTNA products, Email Gateways, DLP, Vulnerability Management and EDR’s

THE ROLE

A Security Operations analyst will have knowledge and understanding of modern security tools and practices. You will be responsible for monitoring, detecting, analysing and responding to Security events and incidents in a fast-paced environment. You will perform day-to-day Security Operations tasks, working with 3rd parties and an MSSP, you will also be responsible for project related tasks with a focus on maturing the tool stack with a focus on automation and efficiency.

KEY RESPONSIBILITIES

• Incident Management: Effectively manage and mitigate security incidents. You will be responsible for managing Incidents from start to finish keeping a detailed log of evidence and actions.

• Web Proxy & Private Access Management: You will be responsible for elements of our Zero Trust Network Access strategy.

• Single Sign On (SSO) Management: You will assist with a Single Sign On first approaching ensuring where possible, all web applications are integrated with our Identity Provider (IdP).
• Data Leakage Prevention: Assist with developing a DLP strategy to be enforced across our permitter controls such as Web Proxy and Email.
• Data Labelling & Classification: Using tooling, assist with a strategy to label data and apply relevant controls to applied labels.
• Endpoint Detection & Response (EDR): Be familiar with EDR tooling including Device Control. You will respond to alerts and use the EDR capabilities to respond accordingly.
• Vulnerability Management: Assess vulnerabilities that have been detected & work with the relevant teams to remediate accordingly
• Secure Email Gateway: Work to improve and enhance the Secure Email Gateway
• MSSP: Work closely with a third party to effectively manage and improve our SIEM, correlation rules and log sources.
• Proactive Security: Stay updated with the latest security threats, trends and technologies. Be proactive to enhance the organisations security posture
• Continuous Improvement: Assess and recommend improvements to optimise existing processes, automating where possible
• BAU Tasks: You will assist with BAU tasks such as tickets raised by end-users and SIEM offences that need escalating to a L2 engineer for further investigation

The above duties and responsibilities are not an exhaustive list and you may be required to undertake any other reasonable duties compatible with your experience and competencies. This description may be varied from time to time to reflect changing business requirements.