Eurostar

IS Security Operations Specialist

On site

London, United Kingdom

$ 100,000 /year

Junior

Full Time

25-07-2025

Expired

Skills

Incident Response, Security Policies and Procedures, Analytical Skills

Job Specifications

At Eurostar, we're ushering in a new era of European train travel. We're the only high-speed operator that directly links the UK, France, Belgium, the Netherlands, and Germany. We've got big ambitions to spark opportunity through the power of train travel, and we'd love to have you along for the ride.
An exciting opportunity has arisen to join Eurostar as its: IS Security Operations Specialist. This role is based in our head office in Kings Cross.
Internal Use Only: Role is grade F based in KP.
The Information Security Department (IS) is seeking a highly skilled and proactive Security Operations Specialist to join our cybersecurity team. In this role, you will be responsible for administering and enhancing our security monitoring and detection capabilities, ensuring rapid and effective response to cyber incidents, and driving continuous improvements across our security operations.
The main responsibilities will include overseeing and optimizing alert rules and triggers, guiding the Cyber Incident Response Team (CIRT) in Level 1 incident handling, and stepping in to manage Level 1 and Level 2 responses when needed. You will play a key role in maintaining and developing cyber response playbooks, actively monitoring IT and security infrastructure beyond the scope of our Security Operations Centers (SOCs) and ensuring alignment with organizational IT security policies and procedures.
The ideal candidate has strong analytical skills, deep knowledge of security frameworks, and a hands-on approach to identifying vulnerabilities, validating patch management, and ensuring the effectiveness of security controls across diverse domains such as Email Security, Identity and Access Management, Network and Application Security, Cloud environments, and Endpoint Protection.
Requirements
What you'll be doing
Administer and optimize security monitoring and detection tools, refining alert rules and triggers to enhance incident detection
Optimizing Monitoring and Detection Systems: Consistently improve and fine-tune security monitoring tools and alert rules to maximize timely detection and minimize false positives, including the health and scope of logging agents
Provide expert guidance and support to the Cyber Incident Response Team (CIRT) for Level 1 incident response by leading and/or supporting timely and accurate Level 1 and Level 2 response to cybersecurity incidents, ensuring rapid containment, investigation, and remediation
Maintain and develop cyber response playbooks to standardize and streamline incident handling processes to keep aligned with evolving threat landscapes and organizational needs
Lead Level 1 and Level 2 responses to cyber security incidents escalated by SOCs or internal security teams when CIRT intervention is insufficient
Collect, analyse, and report security metrics regularly to provide actionable insights and maintain an up-to-date IT Security Dashboard and KPIs
Monitor IT and security infrastructure areas not covered by SOCs, ensuring comprehensive threat detection
Collect, analyse, and report security metrics to update KPIs and maintain the IT Security Dashboard
Identify and assess vulnerabilities and misconfigurations within IT security systems, services (e.g., email, DNS, Active Directory), and infrastructure
Ensure systems, equipment, and processes comply with internal IT security policies and standards
Vulnerability and Patch Management Oversight: Identify security vulnerabilities and misconfigurations proactively, track remediation progress, and validate the effectiveness of patch management processes
Extended Security Coverage: Provide proactive monitoring and support for IT and security infrastructure areas outside of SOC scope to ensure comprehensive threat visibility and protection
Assist and support the IT Security colleagues on IT Security initiatives when required.
Keep current on technological developments in relation to cyber technologies and threats
You'll need to have the following
Essential
Minimum bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related discipline
Relevant certifications such as CISSP, CISM, GIAC (GCIH, GCIA), CEH, or equivalent are highly preferred
Minimum 3 years' experience in security operations, incident response, or SOC analyst roles
Proven expertise in managing and optimizing security monitoring and detection tools, including SIEM, IDS/IPS, and Endpoint Detection & Response platforms
Demonstrated ability to develop, maintain, and execute cyber response playbooks and incident handling procedures
Experience responding to Level 1 and Level 2 cybersecurity incidents and coordinating escalation processes
Solid background in vulnerability management, patch management validation, and compliance assurance
Strong familiarity with key security domains such as Email Security, Identity and Access Management, Network and Application Security, Cloud Security, DDoS & Bot protection, and Endpoint Security
Without being an expert in all technologies, already has knowledge and experience of configuration and trace analysis on the following systems:
AWS, Azure and Microsoft 365 Security
Endpoint Detection and Response
Firewall and VPN
Network Anomalies reporting tools
SIEM Technology
Experience working with third-party service providers
Desirable
MDM
WAF
SQL
Excellent analytical skills with the ability to interpret complex security data and incidents
Strong verbal and written communication skills, with experience guiding teams and collaborating across departments
Ability to perform well under pressure and maintain focus during critical incidents
Detail-oriented with a commitment to maintaining security policy compliance and operational excellence
Passionate about continuous learning and staying current with evolving cybersecurity threats and technologies
Benefits
We're constantly working to create a bright future for our company and our colleagues. That's why we offer a wide range of brilliant benefits, including:
Travel benefits that can be used for both work and play including 75% off underground network from Day 1
Competitive defined benefit pension scheme
Free Eurostar tickets
Discounted Eurostar tickets for friends and family
Ongoing training and development
Lots of other exclusive deals, discounts, and perks
A whole new platform for your career - If you think you've got what it takes to help us make Eurostar bigger and better than ever before then we'd love to hear from you.
At Eurostar we believe in giving everyone an equal chance. We actively encourage applications from talented individuals regardless of sex, race, disability, age, sexual orientation, gender identity, religion or belief, marital status, whether you're pregnant or on maternity leave.

About the Company

At Eurostar, we're not just in the business of transportation, we're in the business of making your journeys across Europe unforgettable. Together, we want to create moments that stay with you throughout your travels and long after you've arrived, from the quick coffee run on the way to the station, to the moment you’ve arrived at your destination to sit down at a local favourite. With our dynamic and ambitious spirit, Eurostar is proud to have a connected and cosmopolitan team who feel at home in five countries. And the Eu...