Hours: Full Time
Location: Hybrid remote working with 2 days per week in our VHQ Crawley, West Sussex - speak to us about what flexibility looks like for you.
Closing Date: Thursday 1st December 2022
Many of our people at Virgin work flexibly and in many different ways, including part-time, different core hours or remote working. Please talk to us at your application or interview stage about the flexibility you need. We can't promise to give you exactly what you want, but we are happy to explore what's possible for the role.
In a nutshell
At Virgin Atlantic, we believe that everyone can take on the world, and it's our vision to become the most loved travel company. As we embark on this next exciting stage of our journey, we’re harnessing our spirit of entrepreneurship and innovation to challenge the status quo.
It’s in our DNA to disrupt the market and lead the way with fresh ideas. Bringing new approaches to the industry, and remaining a loud and proud voice for positive change - be it on issues of sustainability, people or our communities. So, if you’re ready to take your career to new heights, read on.
As a Principal Threat Analyst your priority will be to identify, contain, eradicate, and recover from information security incidents. The role will require extensive Incident Response experience including developing threat hunting capabilities, security use cases and playbooks.
Day to day
Some of your key responsibilities as our Principal Threat Analyst will be:
Proactive Security Event Discovery (Threat Hunting)
• Development of the tools and processes to establish and improve the threat hunting program.
• Keeping an up-to-date understanding of the cyber threat landscape through threat intelligence and industry research. Participate in industry-based Threat Intelligence sharing groups.
• Define and design new security use cases and alerts to identify evolving attack scenarios.
• Produce reports based on threat activity, trends and reported industry incidents.
Cyber monitoring and Incident Management
• Leading security incident response processes.
• Integrating and analysing threat intelligence sources necessary to evolve our protective controls accordingly.
• Ensure our Security Incident and Event Management (SIEM) and log management capabilities are comprehensive enough to provide actionable alerts, limiting noise and false positives.
• Ensure preparedness for the most common threats and scenarios, supporting the development of playbooks.
• Re-establish an internally managed Vulnerability Management programme and mature the current security and penetration testing process.
• Reduce the organisation’s attack surface across all environments to minimise the risk of exposure.
• Provide real-time visibility of security posture and compliance, providing insightful data to management.
• Continually assure the effectiveness of security controls through regular testing.
• Own and co-ordinate penetration testing activity across the organisation’s infrastructure.
You may come from a Threat Analyst, Security Operations Analyst, 2nd line SOC analyst or similar role.
In addition to the above, we’re looking for our successful Principal Threat Analyst to demonstrate the following:
• CISSP (accredited or associate), OSCP or certificates from GIAC, CREST or equivalent are desirable.
• Good knowledge of information security frameworks such as NIST, ISO2700 series, PCI/DSS, GDPR and emerging cyber and aviation security standards.
• Demonstrable experience in a similar senior security operations role.
• Demonstrable experience of leading incident response activities through the entire lifecycle.
• A deep understanding of Windows and Linux operating systems, networking, and authentication systems.
• A deep understanding of the operations and expected outputs of security solutions from endpoint to gateway.
• Knowledge and understanding of frameworks such as the Cyber Kill Chain or MITRE ATT&CK matrix.
Be yourself – Our differences make us stronger
Our customers come from all walks of life and so do our colleagues. That’s why we’re proud to be an equal opportunity employer, and actively encourage applications from all backgrounds. At Virgin Atlantic we believe everyone can take on the world - no matter your age, gender, ethnicity, sexual orientation, disabilities, religion or beliefs. We celebrate difference, and everything that makes our colleagues unique, by upholding an inclusive environment in which we can all thrive. So that everyone at Virgin Atlantic can be themselves and know they belong.
To make your journey with us accessible, and individual to you, we encourage you to let us know if you’d like a little extra help with your application, or if you have any individual requirements at any stage along your recruitment journey. We are here to support you, so please reach out to our team, (Recruitment@fly.virgin.com) feeling confident that we’ve got your individual considerations covered.
You'll be assessed against our values for a selection of your interview process, learn more about them here: Our Values