Security Operations Engineer (SOC)
Location: Manchester
Experis are currently looking for a Security Engineer/SOC Engineer for a public sector client to provide detailed hands-on technical security support and management to a highly available infrastructure estate across 7 UK sites.
Responsibilities
- Provide security operational support for solutions deployed across our infrastructure.
- Complete reviews of the current infrastructure estate in terms of security compliance and vulnerabilities. Identify areas of non-compliance and ensure areas of weakness are enhanced.
- Provide analysis and trending of security log data from a number of security tools and advise on or take appropriate action.
- Assist in the conduct of security audits of technical solutions detailing recommendations, improvements and corrective actions.
- Perform monitoring and analysis of security tools and logs for indications of attacks.
- Lead the technical response to security incidents and document progress as required.
- Work closely with Infrastructure and Cyber Security Managers when managing issues related to infrastructure security.
- Work on projects to ensure security requirements are documented in the service design package and have been met.
- Provide support for vulnerability assessment tools and work closely with infrastructure teams to prioritise and remediate identified findings.
- Manage the schedule for vulnerability assessments and provide necessary reports associated with the schedule on a timely basis.
- Work with cloud-based suppliers who host systems that are entirely remote or heavily integrated with our own internal infrastructure.
- Diagnose security incidents and identify the root cause. Recommend and implement temporary workarounds for known errors and identify areas that would provide mitigations against the incidents recurring.
Key Experience Required
- Darktrace Exposure 2-3 years
- Rapid7 Exposure 3 years
- Extensive SCCM / Config Manager Packaging Experience 3 years
- Palo Alto Firewall Experience 3 years
- Office 365 Admin experience in configuring and hardening/managing O365 config
- Experience Scoping Penetration Tests
- Vulnerability Management exposure - Remediation 3 years' experience
- Patch Management Exposure
- Change Management Exposure
Technical
- Possess a good understanding of security architectures and topologies and the techniques needed to support security infrastructure solutions in enterprise environments.
- Possess a good understanding and detailed knowledge of security tool sets with the techniques needed to support security infrastructure solutions in enterprise environments.
- Have a good awareness and be able to work within information security and confidentiality legislation.
- Possess an excellent understanding of ITIL, including service operation and service transition.
- Possess a good understanding of the technical elements of PCI-DSS and the ISO27001 standard.
- Experienced in understanding, configuring and tuning SIEM products through the use of correlation rules and analytics.
- A good working knowledge of supporting and troubleshooting current technologies in some of the following areas: