Senior Security Analyst
- The Senior Security Analyst will be working within our Security Operations Centre (SOC) to detect potential security incidents and drive an effective response. You will have the opportunity to help us continue to grow our SOC which is highly visible in our business in having a direct impact on protecting our games, systems and data.
- Day to day, you will be performing in-depth analysis and investigation of security alerts across our internal infrastructure and online platforms as well as responding to incidents together with our SOC team. You will be maintaining and optimising our SOC tooling as well as continuously improving our processes. You will connect with our global Cyber Security team and assist us in a wide range of areas to deliver on our vision to move Square Enix forward securely, together.
- The role is aimed at candidates with experience within a SOC team who are seeking to further develop their Cyber Security career in an exciting, fast moving industry.
- Performing in-depth investigation and analysis of security alerts to identify and promptly respond to security incidents.
- Maintaining and optimising SOC tools and automation platforms to continuously improve our detection and response capability.
- Collaborating with key stakeholders during investigations to gather further information and coordinate response actions.
- Influencing the build out and continuous improvement of our security operations processes, playbooks and capabilities.
- Collaborating with our Information Security team to identify and plan improvements post incident.
- Mentoring our SOC Security Analysts through knowledge transfer to enable their development.
- Conducting analysis of artefacts to support incident investigation.
- Supporting the SOC Lead by prioritising the day to day focus of regional SOC Analysts.
- Influencing the strategic direction of our Cyber Security team by presenting insight into the security events, alerts and incidents we handle.
- Consuming relevant threat intelligence to drive proactive action within the SOC and wider IT environment.
- Maintaining a broad understanding of IT/online environments and key company assets to enhance decision making and response to incidents.
This role would be suitable for a proactive individual motivated by the prospective of having a significant influence in shaping and growing our SOC. As part of this role, the candidate is expected to contribute to the maturity of our overarching Cyber Security function by supporting our Information Security and Risk Management programs.
- Head of Cyber Security, Information Security Manager, SOC Lead, IT and Online Operations teams, Studio and Development teams, Analytics, Data Protection Officer.
The successful candidate must be able to demonstrate a passion and motivation for the role, demonstrating the following qualities:
- Intuition to spot the unusual.
- Thirst for knowledge, self-study and research.
- Attention to detail.
- Ability to adapt to a changing environment.
- Desire to continuously optimise through use of scripting and automation.
- Effective communication skills with non-technical stakeholders and executives.
- Desire to document and share knowledge.
- Calmness under pressure, particularly during response situations.
- Instinct to guide and coach other SOC Analysts.
- Ability to work well within a distributed global team.
- Availability to travel internationally, when necessary.
- Availability to work out-of-office hours and remotely, when necessary.
Experience and Qualifications:
It would be desirable for the candidate to have the following experience:
- Held prior position(s) within a SOC or security team
- Background in security, IT, network engineering or administration, or software development.
- Relevant certifications such as GCIH, GCIA, GCDA, GCED, GDAT, GCFA, GCTI.
It would also be desirable for the candidate to have:
- Experience responding to or handling major cyber security incidents.
- Experience in designing and developing Security Operations capabilities.
The successful candidate should be able to demonstrate general knowledge and experience in some of the following areas:
- Querying and analysing structured log data using appropriate query languages.
- Building re-usable visualisations / dashboards for security alert triage.
- Configuration, tuning and maintenance of SOC tools (e.g. SIEM, Endpoint Detection & Response, Security Orchestration, Automation and Response platforms)
- Maintaining signature-based and anomaly alerts for SIEM solutions.
- Programming and scripting skills, including complex regular expressions.
- Working knowledge of common security vulnerabilities and exploits.
- Familiarisation with common Incident Response frameworks such as NIST.
- Strong appreciation of the cyber threat landscape and attacker tactics, techniques and procedures.
- Developing operational processes and playbooks.
- A passion for video games is highly desirable.