Senior Cyber Operations Analyst

Job Title: Senior Cyber Operations Analyst

Location: Pune

About Barclays

Barclays is a British universal bank. We are diversified by business, by different types of customers and clients, and by geography. Our businesses include consumer banking and payments operations around the world, as well as a top-tier, full service, global corporate and investment bank, all of which are supported by our service company which provides technology, operations and functional services across the Group.

Risk and Control Objective

Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards.

Working Flexibly

We’re committed to providing a supportive and inclusive culture and environment for you to work in. This environment recognises and supports ways to balance your personal needs, alongside the professional needs of our business. Providing the opportunity for all our employees, globally to work flexibly empowers each of us to work in a way that suits our lives as well as enabling us to better service our customers’ and clients’ needs. Whether you have family commitments or you’re a carer, or whether you need study time or wish to pursue personal interests, our approach to working flexibly is designed to help you balance your life.

If you would like some flexibility then please discuss this with the hiring manager.

• Cybercrime and cyber-attacks against institutions are growing considerably in quality, quantity, and complexity, targeting both private industry and national critical infrastructure. However, a holistic approach across all security disciplines is required to ensure that these are mitigated successfully. Successful attacks against organizations can result in significant disruptions to business transactions, operations, and client activities, as well as regulatory scrutiny, reputational harm and brand tarnishment.

• As a global bank, Barclays is at the crosshair of cyber criminals. As an organization that process financial transactions, stores and transmits sensitive client information, and participates in the global financial marketplace, Barclays is an attractive target to organized criminals, hackers and hacktivists. Barclays can expect to see a continued increase in the number and sophistication of cyber-attacks against it, its partners, and its employees and clients. This is made more of a critical issue given the bank’s strategy of providing more and more of its services and products online and via mobile channels.

• The developments described above require a different and much more proactive and intelligence led cyber defence, compared to the normal reactive and incident based defences built over the last 20 years. The modern Chief Security Office develops and operates tools that are used by internal groups for protecting information, understanding internal systems and networks in order to prevent attacks, and analysing information to determine whether the organization is under attack. In addition, other tools used in the day to day management of employees or systems may be managed by the Chief Security Office if they are related to its mission of protecting the assets of the company and its customers

What will you be doing?

This role will be a 24x7x365 analyst position [Shifted pattern] within our Joint Operations Centre in Pune, part of a globally distributed operational team that performs the following mission-critical functions:

• 1st/2nd line analysis, triage and escalation of security events within the SIEM, through to escalation and remediation of detected security incidents.


• Coordinate and support remediation activities within scope. Understand when to escalate events and to whom; Track and report security incidents to remediate and drive closure.


• Utilise existing processes and technologies in place, to detect, respond and prevent malicious electronic attacks to Barclays’ networks and network estate; provide guidance to identify attacks, attacker’s suitable mitigation techniques.


• 1st line point of contact, providing command, control and reporting support to Major Incident Management teams for all security incidents.


• Interprets, analyses and reports all events and anomalies in accordance with cyber security related directives, including initiating, responding and reporting discovered event.


• Analysis of Intelligence information to ensure enhanced detection, as well as improvement of functional capability.


• Help deliver, technical detection and response programs and initiatives; leveraging previous experience, methods & tools to provide value for the organization through risk reduction.


• Support identification, enhancement, improvement and delivery of monitoring and response methods and processes, to reduce risk to the Organisation.

What we’re looking for:

• Proficiency in SIEM technologies & usability in a Large & Complex Computing Environment.


• Analysis and response of detected security incidents, timely escalation and drive to ensure the closure of incidents.


• Incident Response skills including proficiency in PCAP Capture, Network Analysis, and Traffic Patterns.


• Identify attacks and malware (Trojans, Ransomware, etc.) analysing event data generated from proxy, endpoints, IDS, MPS, network devices etc.

Skills that will help you in the role:

• Proficiency of Operating System fundamentals and OS Security (Windows & Linux);


• Proficiency in Networking Principles, Protocols, & Practices;


• Understanding of traditional ITIL concepts Incident, Change and Problem management;

• Understanding of Cloud Security Principles (AWS/Google/Azure)


• Understanding of Open Source network analysis tools, and Open-source intelligence tools (OSINT).

• In-depth knowledge of the Cyber Kill-Chain, Intelligence-driven defence and security architectures.


• Ability to help write concise reports based on complex data with accuracy, brevity, and speed.


• Understanding of Ethical Hacking from the perspective of a Blue-team member; the countermeasures and mitigation controls which can be implemented to minimise the threat landscape and risk to an organisation.


• Appreciation of End Point security products including firewalls, Anti-virus and network access control.


• Appreciation for programme and project management methodologies.


• Experience delivering technical detection and response programs and initiatives is also desirable.


• Active SANS certifications in the areas of network, incident handling, malware and forensic analysis (GREM, GCIA, GCFA, GCIH) are desirable, but not essential.


• Strong working knowledge of Splunk and the Splunk Query Language.


• Understanding and experience of reverse-engineering malware would also be beneficial, but is not essential.


• A good technical understanding of the threats against the financial industry from both the physical and Cyber threat domains


• Proficiency in Phishing Threat Types (Targeted Spear, Broad-based SPAM, Targeted Industry, Whaling, etc.)

Where will you be working?

Pune

Be More at Barclays

At Barclays, each day is about being more – as a professional, and as a person. ‘Be More @ Barclays’ represents our core promise to all current and future employees. It’s the characteristic that we want to be associated with as an employer, and at the heart of every employee experience. We empower our colleagues to Be More Globally Connected, working on international projects that improve the way millions of customers handle their finances. Be More Inspired by working alongside the most talented people in the industry, and delivering imaginative new solutions that are redefining the future of finance. Be More Impactful by having the opportunity to work on cutting-edge projects, and Be More Valued for who you are.

Interested and want to know more about Barclays? Visit home.barclays/who-we-are/ for more details.

Our Values

Purpose, Values and Mindset

We deploy finance responsibly to support people and businesses, acting with empathy and integrity, championing innovation and sustainability, for the common good and the long term.

Our values underpin everything we do: Respect, Integrity, Service, Excellence and Stewardship.

Respect

We harness the power of diversity and inclusion in our business, trust those we work with, and value everyone's contribution.

Integrity

We operate with honesty, transparency and fairness in all we do.

Service

We act with empathy and humility, putting the people and businesses we serve at the centre of what we do.

Excellence

We champion innovation, and use our energy, expertise and resources to make a positive difference.

Stewardship

We prize sustainability, and are passionate about leaving things better than we found them.

Our Mindset shapes how we take action, living by our Values, driven by our Purpose, always with our customers and clients at the heart of what we do; our Mindset is to Empower, Challenge and Drive.

Empower

Trust and support each other to deliver. Make decisions with those closest to the topic. Include diverse perspectives. Celebrate success and learn from failure.

Challenge

Question whether things can be done better. Use insights based on data to inform decisions. Be curious about how we can adapt and improve. Speak up and be open to alternative viewpoints.

Drive

Focus on outcomes. Deliver with pace. Be passionate and ambitious about what we do. Take personal responsibility. Actively build collaborative relationships to get things done.

Our Diversity

We aim to foster a culture where individuals of all backgrounds feel confident in bringing their whole selves to work, feel included and their talents are nurtured, empowering them to contribute fully to our vision and goals.

Our Benefits

Our customers are unique. The same goes for our colleagues. That's why at Barclays we offer a range of benefits, allowing every colleague to choose the best options for their personal circumstances. These include a competitive salary and pension, health care and all the tools, technology and support to help you become the very best you can be. We are proud of our flexible working options for colleagues. If you have a need for flexibility, then please discuss this with us.