Security Analyst (Operations) - Solihull, B90 8BGMake a Home at Taylor WimpeyAt Taylor Wimpey, we don’t just build houses; we build futures. Not just for the people who live in our homes, but for our own people too. When we bring our collective skills together, we make amazing things happen - for ourselves, for each other and for our customers. There are incredible opportunities on your doorstep, and we want you to discover them all. With 22 regional offices across the UK and operations in Spain, we bring our vision to life locally. Here, you’ll be given the tools to develop your skills and the freedom to explore new avenues. Share your ideas, experience a no-blame culture, and shape your work around your life.Every single one of us plays a vital role in bringing to life incredible places and spaces, where anyone can thrive. We believe in making a positive difference to our planet, as well as to people. Home to work that matters, and you can be a part of it.Job SummaryAs a security analyst you will be responsible for analyzing, maintaining and implementing the Cyber Security requirements of Taylor Wimpey. This specific role will have a focus on ensuring that TW implement and maintain good and recommended security practices on all our live services, with a special focus on Microsoft services. You will be responsible for both monitoring and reporting upon the threat status of Taylor Wimpey. You will be working within a cyber security team and may be expected to undertake a wide variety of functions to help deliver a secure environment. You will be expected to digest, summarise and provide recommendations based upon a range of security information from a range of third parties.Primary ResponsibilitiesReview and ensure the Taylor Wimpey security standards and best security practices are being utilised across all existing infrastructure and application servicesSelf-sufficient in developing skills and knowledge in understanding how to protect against new security TTPs as identifiedReview and analyse data provided from Microsoft Defender and Sentinel systemReview, test and raise changes to meet Microsoft recommended security enhancements, and track their deliveryMonitor and track new advice on the security services and products in use within the Taylor Wimpey estateRaise and ensure implementation of new security practices, or security improvements, in existing infrastructure services, and systems, primarily MicrosoftReviewing and managing the current best security practices for a variety of systems, including:Microsoft O/SSQL databaseM365O365Power BIDynamicsPower AppsAzure Cloud environmentActive DirectoryThird party SaaS providersApplication vendorsNetwork SecurityIdentity management and controlA wide range of onsite systems and applicationsEnsuring best security practices are reviewed as soon as released and recommendations provided to TW where appropriateAbility to pragmatically recommend and prioritise required implementation effort based upon Taylor Wimpey risk appetiteEnsure TW maintain currency with security best practice and configuration recommendations for a variety of systemsProvide recommendations on improvements to security environments, including detailed configuration setupsDevelop and manage a roadmap of work to ensure new advice and risks are managed within the current infrastructurePreferred, not essential, skills to program using Power Bi and Power apps (using a range of inputs and logs) to ensure system security information is analysed effectively and appropriate messages are identified to assist Taylor Wimpey management to make effective risk and resource decisions.Engage with (external and internal) support teams to ensure remediation plans are created for any identified risks (or risks are accepted)Ensuring security architectures implemented fully by existing systems, and deliver all the security requirements defined within the Taylor Wimpey ISMS and best practicesIdentify and develop appropriate means of investigation to ensure risks are identifiedResearching and evaluating new security products and solutions, and recommending them to improve the organization’s security posture Participating in incident response and recovery activities, such as investigating breaches, containing attacks, restoring systems, etcGenerating reports and dashboards to communicate the status and performance of security environment to stakeholdersArticulate and raise risks where requiredCollaborate with support Service Providers, IT and business stakeholdersAnalyze general industry standards to ensure compliance within TW appropriate to the risk appetite of TW, these include:NCSCCISA recommendationsISF SOGP changesCE + demandsISO 27001NISTExperience, Qualifications, Technical RequirementsPrevious operational cyber security industry experience – 3 years minimum.Demonstrable experience of working in a cybersecurity operations role Self motivated and able to work autonomouslyKnowledge of Cyber Security Risk ManagementPower BI SkillsPower Apps SkillsFormal Security qualifications an advantage – ie CISM or equivalentMicrosoft security configuration experience and expertiseSecurity administration on critical systems, such as MicrosoftAbility to work with various levels of management and SMEs Proven track record in undertaking security operations within complex organisational environmentsProficiency in security assessment tools and methodologiesAbility to assess complex security issues, developing metrics and providing effective solutionsUnderstanding of key business and IT trends which may influence future strategiesWhat we offer at Taylor WimpeyAt Taylor Wimpey, we are committed to enabling you to make a home with us. Our work is not just about building homes; it's about doing work that matters, making a positive impact on the lives of our customers and the communities we serve.We enjoy many benefits as standard, including excellent retail discounts, company funded life insurance and private healthcare, and access to a quality pension scheme with company contributions. We also offer our discounted house purchase scheme, car leasing scheme and share plans, as well as the opportunity to tailor your benefit package to suit your needs with options such as buying extra annual leave or adding dependants to your benefit cover. Our total reward offer works perfectly with our culture, we are a welcoming community where everyone can feel at home. We create a home to your future by providing opportunities for growth and development. We offer industry leading professional training and development, which supports you to unlock your potential and fulfil your career and personal goals in a variety of opportunities and environments. We look to develop our people in the skills and areas they are most interested in, leveraging your qualities and appreciating your unique competencies, skills and expertise that, when we come together, make this a great place to work.If you want to do work that matters and build a career that lasts, make a home at Taylor Wimpey. Inclusivity StatementAs a proud Disability Confident Employer, Taylor Wimpey is committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us during the application process that they have a disability and meet the minimum requirements for the role. Join us in building a truly diverse and empowered team.Internal Applicants:Please inform your line manager if you wish to apply for this role.
