Senior CSIRT Analyst

The purpose of the Senior Analyst will be to oversee and lead the technical analysis and review of alerts and security incidents identified and raised to the CISO function. You will be a focal point for the execution of the response process and co-ordination of relevant parties when an information security incident occurs.

Reporting directly into the CSIRT Manager, you will be expected to operate at a Senior Analyst level. The role will provide subject matter leadership to the CSIRT team, you will be expected to ensure all parts of the incident investigation process and playbooks are observed and undertaken, either directly or by directing other CSIRT teams members activities, making sure that all security incidents are identified, contained, mitigated and seen through to resolution.

How you'll help us make health happen:

• Build strong relationships with the rest of the cyber security team and the wider business to collaborate on initiatives and raise awareness of the security landscape.
• Propose, monitor, evaluate and report on metrics and KPI's to provide management with an understanding of how effective the security incident, management and response services are at detecting, analysing, and responding to events, and incidents.
• Provide SME representation of the security incident, management and response function at Bupa security governance committees.
• Ensure the security incident, management and response policies, processes and procedures embed Bupa enterprise security policies, standards, tools and processes into the security incident, management, and response function.
• Provide technical liaison with strategic third-party information security suppliers and partners.
• Engage with the wider team and business to understand the security risks and threats to Bupa and use this to inform requirements for the security incident management, and response team processes.
• Foster a high performing cyber security incident management and response function with the people, processes and technologies required to detect and respond to sophisticated cyber security events across various technologies used by Bupa.
• Collaborate with the wider CISO team through the operation, development and implementation of process, procedures and tools to identify, manage, secure, and consolidate event information into actionable output capable of initiating appropriate SOC incident management services.
• Establish and operate the process, procedure, tools, measures, and metrics to ensure identification and remediation of operational deficiencies, providing KPI data from which to predict the effectiveness of CSIRT operations.
• Oversee a 24x7 incident, management and response service ensuring that Bupa's IT integrity and security is assured through a continuous process of effective monitoring.
• Support applicable Enterprise Security Policies, Standards, Tools and Processes into the incident, management, and response function.
• Liaise and work closely with Bupa's strategic third-party information security suppliers and partners.
• Provide cyber security consultancy and guidance, ensuring business needs remain compliant with industry regulations, internal information risk policies and standards.
• Identify the communication needs of each stakeholder group in conjunction with business owners and subject matter experts to translate communications / stakeholder engagement strategies into specific tasks

• At least 2 years of experience in cybersecurity, with extensive experience in Incident Response and Recovery Management, defensive security practices and threat management.
• High-level knowledge of penetration testing tools and techniques, and security testing frameworks (e.g., Nessus, Metasploit, Burp Suite, Nmap and OpenSCAP) in an offensive or defensive role.
• Experience working with Red Teaming, Purple Teaming and Attack Automation.
• Experience in security operations.
• Familiarity with industry regulations and compliance standards relating to cybersecurity, such as NIST CSF, PCI DSS, DPA 2018, GDPR and ISO 27001.
• Experience of Incident Response and Recovery Management in cloud environments (such as Azure, GCP and/or AWS) including Network Security, Zero Trust models, Containers, Containerised applications and infrastructure e.g., Kubernetes and Serverless architectures.
• Excellent analytical and problem-solving skills, with the ability to analyse complex technical issues and recommend effective solutions.
• Strong communication skills, with the ability to convey technical concepts and findings to non-technical stakeholders and senior management.
• Influencing and facilitating people within Bupa and associated market units, business teams globally and external parties (for example Bupa customers, Regulators, Third Party Suppliers, Offshore Partners and other business relationships).
• Ability to take decisive action where time is a critical factor and maintain a high degree of confidentiality, even under pressure.
• Self-motivated, capable of operating under pressure and at pace, ability to manage and prioritise own time effectively and take decisions proactively.
• Continuously raise the performance bar with a thirst for learning from knowledge-sharing, training, and expert resources

Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health - from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family friendly benefits.

Joining Bupa in this role you will receive the following benefits and more:

• 25 days holiday, increasing through length of service, with option to buy or sell
• Bupa health insurance as a benefit in kind
• An enhanced pension plan and life insurance
• Onsite gyms or local discounts where no onsite gym available
• Various other benefits and online discounts

Why Bupa?

We're a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose - helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.

We encourage all of our people to "Be you at Bupa", we champion diversity, and we understand the importance of our people representing the communities and customers we serve. That's why we especially encourage applications from people with diverse backgrounds and experiences.

Bupa is a Level 2 Disability Confident Employer. This means we aim to offer an interview/assessment to every disabled applicant who meets the minimum criteria for the role. We'll make sure you are treated fairly and offer reasonable adjustments as part of our recruitment process to anyone that needs them.

Time Type: Full time