Aviva is building an exciting new User Behaviour Analytics (UBA) capability to predict and prevent harm to its operations, data and assets from malicious insiders. We need a person with the right blend of talents to manage the system day-to-day and help refine and improve it. The UBA software draws on a wide range of data to identify abnormal behaviour in users, so as to pre-empt the malicious insider threat. But the role needs much more than just technical skills.
A sub-unit of the Group CISO incident management team runs the UBA process alongside their other duties. They conduct triage on incidents, identifying suspicious ones and quickly discarding the rest. They liaise closely with Aviva’s corporate security specialists and fraud investigators as required, as well as with data privacy, legal and HR experts. The team treads a tricky but confident path between sensitive monitoring and the maintenance of users’ data privacy. As UBA is a new system for Aviva, the team also has a role in assessing its effectiveness, refining it and improving the underlying processes as required.
The successful candidate will have an unusual blend of IT skills, business awareness and creative thinking. He/she will be comfortable with uncertainty, able to make swift, accurate and objective judgements about user behaviour, and articulate enough to communicate those judgements orally and in writing to senior non-technical readers. He/she will also be able to spot the difference between suspicious and merely unusual activity. Expertise in incident management processes and tools are essential, as is an awareness of how malicious insiders think and act. Curiosity, imagination and cold-headed judgement are as important as technical skills. An ability to work easily within a small team and with senior colleagues in other departments is essential. In brief, this role is at the heart of tackling a serious threat to Aviva’s worldwide operations, assets, reputation and even existence. It provides both intellectual interest and responsibility, and is right at the heart of our exciting new UBA capability.
Duties & Responsibilities
- Rapid and perceptive triage of UBA security incidents.
- Maintenance of data privacy while remaining operationally focused and agile
- Development of Key Performance Indicators for UBA in Aviva
- Assessing and continually improving the effectiveness of the UBA system
- Specialist UBA advice to the Group CISO
Skills & Experience required
- Familiarity with risk management principles and practices, including the NIST framework
- Experience of managing security incidents, preferably in a SOC
- Log collection/analysis, network security monitoring and incident investigation/response
- Machine learning, artificial intelligence, neural networks or similar in a security context
- Relevant programming languages e.g. Python, R, Java, SAS or SQL
- Existing UBA platforms e.g. Exabeam, Securonix or Splunk
- Financial Services experience beneficial
What will I get from this role
- Salary of up to/between £45,000 to £50,000
- Generous defined contribution pension scheme
- Annual performance related bonus and pay review
- Minimum holiday allowance of 25 days plus bank holidays and the option to buy/sell up to 5 additional days
- Up to 30% discount for some Aviva products through “My Aviva Extras” plus discounts for Friends and Family
- Excellent range of flexible benefits to include a matching share save scheme
Bring to Aviva what makes you different and we’ll support you to do the best work of your life. We encourage applications from everyone who wants to help us achieve our purpose of helping our customers to Defy Uncertainty.
One of Aviva’s core values is Care More, and this is brought to life through the flexible ways we like to work. This may include working from home some of the time, or flexible work schedules to accommodate parent and carer responsibilities, further studies and hobbies.
We prefer all applications to be submitted online, however if you require an alternative method of applying please contact Alex Stumpo in the Resourcing team at firstname.lastname@example.org