Security Analyst

Location: Angel, London, UK

Division: Ticketmaster UK

Line Manager: Director, Security Risk Management

Contract Terms: 40 hours per week

THE TEAM

The TM Security team partners with various parts of the business to secure system and network resources and protect the integrity and confidentiality of regulated data. To support this mission, the TM Security team develops processes, procedures, and policiesrequired for the protection of data. TM Security identifies risks to the security of information and systems. Mitigate these risks to levels acceptable to the organization. Defining security requirements, establishing baselines and measuring risks based onapplicable laws, regulations, and best practices. Consult with TM Global Tech teams and to investigate security issues and evaluate products and processes. Collaborating with teams and third-party regulators to develop the organizational security strategy,architecture, and risk relevance. Ensuring that effective incident response and disaster recovery plans are developed, implemented and enhanced. Responding to and recovering from disruptive and destructive information security events. Increasing organizationalawareness of security through training and communications.

THE JOB

The Security Analyst will work directly with product groups and technology teams to drive remediation efforts and ensure constant security awareness in project development and planning. The Security Analyst will be a single point of contact for their assignedtechnology teams and will provide visibility and oversight into secure development processes to the senior leadership team.

WHAT YOU WILL BE DOING
- Running security defect remediation to ground
- Creating training programs for various development and project teams
- Assisting and collaborating with other security analysts and engineers
- Helping to create security programs and developing processes that will drive agreed security strategies
- Tracking and reporting on security defect SLA compliance
- Working to tune and interpret SAST scanning results
- Leading security efforts for technology projects
- Guiding development and product teams into secure methodologies and practices
- Assisting with preparing regular reports to the Senior Executive Team
- Being an embedded point of security contact for development and product teams

WHAT YOU NEED TO KNOW (or TECHNICAL SKILLS/COMPETENCIES)
- Proven experience in information security (or a combination of education and experience)
- Proven work as a Security Analyst to include risk-based security remediation
- Scripting language proficiency
- Must be intimately familiar with OWASP top ten, CIS Benchmarks, and Cybersecurity Framework
- Experience with PCI Tier 1 and/or ISO 27001
- Experience identifying and remediating web-based vulnerabilities
- Familiarity with SIEM and other log management tools
- Familiarity with both AWS and on-prem security practices

YOU (BEHAVIOURAL SKILLS/COMPETENCIES)
- You are a proactive, results-driven and highly motivated individual
- You anticipate, identify, and define problems; seek root causes including developing and implementing practical and timely solutions
- You show a willingness to learn and improve your skills
- Organised and methodical
- You work cooperatively with colleagues, communicate clearly, accept and adapt to change
- You think in terms of desired outcomes, not just reactive, quick solutions
- Possess good interpersonal skills with the ability to work effectively with technology owners, product owners and vendors
- Excellent written, verbal communication and presentation skills