Senior Security Analyst
Location: London
Contract Type: Permanent
Work Pattern: Full Time and Hybrid (up to 2 days a week in London)
Often parodied but always valued, the CISO team is arguably the most called upon team within any organisation, including ours. Your knowledge and expertise is without question but what truly sets you apart is your ability to communicate and explain solutions in simple terms, having a laser focus on risk, being customer-centric, with integrity and a passion for excellence in your DNA.
This Senior Security Analyst role will ensure the CISO team continues to manage optimally its Managed Security Provider and have a laser focus on the Detect and Respond capability of MSA.
About The Job
What you’ll spend your time doing:

While there is rarely a ‘typical’ day within this role, here’s a snapshot of some of the key parts of the job:

• Responsible for helping maintain an optimal incident response capability. Assume perimeter has been accessed by an attacker and ensure optimal response capability is in place to manage different types of attack.
• Current confidence in the third-party provider, needs to be maintained. To help with the relationship with a fix or flag approach being created. To manage risk and issues log and ensure progress made.
• Create single truth reporting with understandable KPIs based on 5x5 risk assessments to improve reporting of cyber security posture to key stakeholders.
• Regular meetings with senior stakeholders e.g. COOs, CISO, etc to advise on the progress of key objectives and report against the agreed KPIs/KRIs.
• Regular meetings with the CISO at least weekly to report on current status of key deliverables.

You’re going to enjoy this job if you also…

• Have prior experience within the Cyber Security area.
• Enjoy communicating in a simple, clear and concise manner to different target audiences
• A high degree of independence, integrity and confidentiality.
• Have very good interpersonal skills with the ability to communicate effectively verbally and in writing with all levels within the organization, including both technical and non-technical personnel.
• Are organised and able to multi-task and manage concurrent deadlines.

What you’ll need:

For this particular role there are some important qualifications and experience we need you to have. These include:

• Experience in triaging, investigating and resolving security incidents.
• Experience in managing and coordinating security incidents.
• Develop and progress key deliverables as specified by the CISO and the Cyber Security SteerCo.
• Work with our IT Outsource Provider to progress key risks and issues via the log and ensure the detection and incident management process and capability is effective at all times.
• Work with external vendors as needed to establish best practice in cyber risk management.

What you can expect from us:

• Competitive Base Salary
• Performance Related Discretionary Bonus
• Holiday: 28 days core annual leave, and you can buy up to 5 days
• Pension: A minimum 2% employee contribution plus 7% MS Amlin contribution (9%) up to a maximum of 5% employee contribution plus 13% MS Amlin contribution (18%)
• Private Medical: cover for yourself. Family members/dependants can be added
• Flex Fund: £1,000 (pro-rated based on start date) to spend on flexible benefits
• Life Assurance: 10 x annualised base salary

About Ms Amlin
MS Amlin is part of a global top-10 insurance group, MS&AD. We’re made up of four distinct businesses covering global reinsurance, Lloyds franchise, local specialty insurer, and business services.
This role sits within our Business Services division (MS ABS) which supports our entire organisation through legal, HR, facilities management, marketing, IT, risk management, compliance and finance.

Li-hybrid #MSABS

While there is rarely a ‘typical’ day within this role, here’s a snapshot of some of the key parts of the job:

• Responsible for helping maintain an optimal incident response capability. Assume perimeter has been accessed by an attacker and ensure optimal response capability is in place to manage different types of attack.
• Current confidence in the third-party provider, needs to be maintained. To help with the relationship with a fix or flag approach being created. To manage risk and issues log and ensure progress made.
• Create single truth reporting with understandable KPIs based on 5x5 risk assessments to improve reporting of cyber security posture to key stakeholders.
• Regular meetings with senior stakeholders e.g. COOs, CISO, etc to advise on the progress of key objectives and report against the agreed KPIs/KRIs.
• Regular meetings with the CISO at least weekly to report on current status of key deliverables

For this particular role there are some important qualifications and experience we need you to have. These include:

• Experience in triaging, investigating and resolving security incidents.
• Experience in managing and coordinating security incidents.
• Develop and progress key deliverables as specified by the CISO and the Cyber Security SteerCo.
• Work with our IT Outsource Provider to progress key risks and issues via the log and ensure the detection and incident management process and capability is effective at all times.
• Work with external vendors as needed to establish best practice in cyber risk management