Cybersecurity Operations Analyst

Cybersecurity Command Center / Security Operations Analyst

Aon is seeking a Security Operations Analyst to join its growing Cybersecurity Command Center.

This technical position is responsible for eyes on glass monitoring, investigation and response to security incidents impacting Aon and its partner systems. As part of a globally diverse team, you will use information collected from a variety of sources to identify, analyse and report security events to protect the firm’s information, networks and systems from cybersecurity threats.

• Analyse events from various information sources within the environment and action any potential security concerns.
• Responsible for the successful execution of incident handling procedures as well as direct response to security incidents.
• Analyse and identify technical and procedural vulnerabilities, providing recommendations that enable timely remediation.
• Conduct host based and network forensics, log analysis and malware triage supporting incident response.
• Maintain current knowledge of and recognize attacker tools, tactics, and procedures to produce indicators of compromise (IOCs) that can be utilized during active and future investigations.
• Examine network topologies and application designs to understand and identify data flows throughout the environment.
• Assist with the creation of processes and procedures, technical documentation and completion of project goals.
• Provide regular feedback to enhance our security monitoring, response and controls.
• Develop and oversee reporting that provide analytics and metrics to the global Cybersecurity Command Center.

• 2+ years experience working in a Security Operations Center.
• Strong written and verbal communication skills, must be able to articulate complex technical analysis to both technical and non-technical audiences.
• Comprehensive understanding of TCP/IP, Web, Linux, Windows and related technologies.
• Experience reviewing and correlating raw log files in a security capacity (eg: AV, IDS, Firewall, Netflow, Database, etc).
• Strong understanding of regular expressions and pattern matching.
• Experience with common network tools (eg: traceroute, ping, nslookup).
• Experience with common command line tools (eg: sed, awk, cut).
• Ability to conduct packet analysis using common tools such as tcpdump, tshark, Wireshark.
• Understand intrusion tools and techniques and detection methods at both the network and host level.
• Understanding of common detection and prevention technologies such as AV, IDS/IPS, DLP, Proxy, Firewalls, etc).
• Experience analysing malware through static or dynamic analysis.
• Spotless record and strong ethos

• The best medical cover on the market with free dental care
• Generous benefits package for your wellbeing (multisport cards, insurance, vouchers, and many more!)
• Stability of employment and permanent contract after trial period
• Brand new office supporting collaboration, flexibility and activity based working
• Internal career opportunities and individual development plan
• Unique workplace culture - we value openness, honesty and authenticity, so don't expect formal dress code nor managers hidden behind closed doors
• Lots of social events, charity actions and opportunities to integrate with colleagues