THE GIG

The Security Operations team is part of our Global Security function, with a primary focus on monitoring, detection & incident response, threat & vulnerability management, and security testing. The Security Operations Analyst role’s main objective is to operationally deliver and further mature these security services, as well as aligning to and supporting the organisational Information & Cyber Security Programme.

Core responsibilities will include investigating and responding to alerts from security tooling & services, managing security assessments, and analysing vulnerabilities for tangible business risk; working with business stakeholders to appropriately track and manage risk that is present.

This role will start in January 2025

THE STUFF THAT SETS YOU APART – CORE RESPONSIBILITIES

• Lead the monitoring and management of security systems to identify potential Security Events, Incidents or risks, ensuring that they are promptly verified, progressed and resolved appropriately.
• Respond to escalated operational security related issues for both internal and external stakeholders of Dr. Martens.
• Manage alerts, notifications and escalations to the InfoSec team, verifying whether a Security Incident exists and if so, performing required incident response. Work with technical staff and strategic partners to analyse identified attacks, contain and eradicate the sources, and assist the restoration of normal operations.
• Ensure the Vulnerability Management Programme is delivered to the required schedule. This includes arranging testing, as well as negotiating and coordinating with applicable technical teams and stakeholders for assets, including endpoints network and application vulnerability remediation.
• Ensure Security Operations BAU activities are completed promptly and to required time scales.
• Manage progress and delivery of non-BAU workloads, such as onboarding new services, tooling, and work to refine and mature existing security systems and processes.
• Oversee tickets which the Security Operations team have a stake in, ensuring they are kept up to date and engaging supporting teams, as required.
• Prepare and deliver security reporting material as required.
• Provide support where required to the InfoSec Risk and Compliance service in completing risk evaluations of technologies and service providers for both new and existing (where there are changes) services.
• Support with compliance activities within the remit of Security Operations, to support NIST, PCI-DSS and any other areas of GRC, as needed. Where required, support the InfoSec team by engaging with team managers and department heads throughout the business to ensure that Dr Martens comply with applicable regulations.
• Seek out, verify and document confirmed business risks, escalating to necessary stakeholders, where required.
• Develop, document and mature Security Operations processes, ensuring that they are aligned with any relevant requirements and work with applicable business units to incorporate into standard business process.
• Keep up to date of emerging threats and technical vulnerabilities, discerning business risk and escalating any potential threats to Dr. Martens or its assets to appropriate business stakeholders.

YOUR FUNDAMENTAL QUALITIES

It’s never just a job at Dr. Martens. It’s a way of life. We live and breathe our Fundamentals - INTEGRITY. PROFESSIONAL. PASSIONATE. TEAM PLAYERS. They define who we are and how we get the job done. We believe each role is as unique as the person who does it. To be our Security Analyst you will also possess these qualities:

• Technical knowledge to understand past & current threats and a handle on future security vendor product releases.
• Highly organized with strong written and verbal communication skills, able to convey technical content to non-technical audiences.
• Motivated and driven with a natural ability to ‘think outside of the box’.
• Demonstrable skills and knowledge in IT and Cyber Security.
• Practical knowledge of IT infrastructure.
• Practical experience with Security tooling, such as: EDR, SIEM, Vulnerability & Attack Surface Management, etc
• A good level of practical experience of vulnerability management (Experience with Qualys would be desirable).
• A good level of practical experience in analysing, responding to and managing security incidents.
• Practical knowledge of common operating systems and cloud technologies (Azure, AWS, etc).
• Information Security related certifications desirable (eg Security+, SCCP or other cyber security-related certs).

We live and breathe Rebellious Self Expression at Dr. Martens, and there are 3 core values at the heart of it. They never stand alone, but work together as a balancing act of rights and responsibilities to support how we work together at DMs. BE YOURSELF. ACT COURAGEOUSLY. SHOW YOU CARE.

WHAT’S IN IT FOR YOU?

• Hybrid working
• Welcome to the family free pair of Docs
• 65% off all Docs
• Award-winning ‘Buy As You Earn’ Dr. Martens share plan
• Private healthcare
• A dedicated culture team
• 2 paid volunteer days per year

Are you ready to fill your boots? Apply now.

At Dr. Martens, we are committed to creating an environment in which we can all be our best and bring our authentic selves to work. We encourage applications, regardless of race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, age, veteran status, or disability. Diverse and inclusive teams have a positive impact on our brand; helping us to speak authentically to our consumers.

We strive to develop a business where our people can thrive and feel empowered to express themselves. Because we believe everyone should feel supported and included whatever their role in the Dr. Martens community.