Cyber Security Specialist

Virgin Atlantic
Crawley, United Kingdom
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Crawley, United Kingdom

Tech stack

Computer Security
Intrusion Detection and Prevention
PCI Data Security Standards
Red Team (Cyber Security)
Security Information and Event Management
Systems Integration
Data Logging
Mitre Att&ck
Cybercrime
Purple Team (Cyber Security)
Cyber Warfare

Job description

Our Cyber Security team plays a critical role in protecting our customers, people, operations and technology environment, helping us deliver safe, resilient and secure experiences across the airline.

We're looking for a technically capable and proactive Cyber Operations Specialist to join our Information & Cyber Security team. This is an exciting opportunity for someone with experience in cyber operations, security monitoring, incident response or SIEM engineering who wants to help strengthen operational cyber resilience in a complex, fast-moving enterprise environment.

Day to day

As part of our Cyber Operations capability, you'll help protect Virgin Atlantic by strengthening how we monitor, detect and respond to cyber threats across our technology estate.

You'll work closely with internal technology teams, managed security providers and specialist partners to improve detection coverage, telemetry quality, response readiness and operational security tooling. It's a great opportunity for someone who enjoys practical problem-solving, thoughtful collaboration and making security operations better every day.

  • Support cyber incident triage, investigation, containment, evidence gathering, escalation and lessons-learned activity.
  • Develop and tune detection rules, SIEM use cases and alerting logic, using threat analysis, incident learning and known attacker techniques.
  • Support SIEM engineering, log-source onboarding, parser validation and improvements to telemetry quality.
  • Maintain and improve security tooling, integrations and automation workflows, including opportunities to streamline operational activity.
  • Support red team, purple team and threat-led testing from a logging, detection, response and evidence-capture perspective.
  • Work with infrastructure, cloud, endpoint, identity, network, application and platform teams to improve security visibility, response capability and operational resilience.

Requirements

You'll be someone who brings cyber operations experience, technical curiosity and a collaborative mindset, with a real interest in improving monitoring, detection and response outcomes.

  • You have experience in cyber security operations, SOC, MDR, security monitoring, incident response or a similar operational security environment.
  • You're comfortable working with SIEM platforms, detection engineering, alert tuning, log-source onboarding, telemetry analysis or data-quality improvement.
  • You understand threat analysis, defensive monitoring concepts, intrusion methods and common attacker techniques, and can turn insight into practical action.
  • You've worked with security tooling, workflow optimisation, integrations, automation or SOAR processes, and enjoy finding better ways of working.
  • You can communicate technical security issues clearly to different audiences and influence through evidence, expertise and thoughtful challenge.
  • You bring a good understanding of cyber security frameworks such as NIST CSF, ISO/IEC 27001, MITRE ATT&CK or PCI DSS. A relevant certification would be helpful, but equivalent practical experience is just as valued.

About the company

At Virgin Atlantic Airways, we believe that everyone can take on the world, and it's our vision to become the most loved travel company. As we embark on this next exciting stage of our journey, we're harnessing our spirit of entrepreneurship and innovation to challenge the status quo.

Apply for this position