Senior Cyber Security Analyst - SOC - Home based - Permanent
Good all-round skills within a customer-focused environment. SIEM experience in one or more of Azure Sentinel, Splunk, ArcSight, LogRhythm, QRadar or other SIEM toolsets. IDS/IPS: Snort, Palo Alto, Checkpoint, Firepower. Email investigations, analysis of event logs and permission-based control systems. Solid understanding of infrastructure and network-based principles.
Up to £60,000 - £80,000 DOE + Benefits - Home based working
A successful UK-based cyber security business is seeking a Senior Security Analyst to join its established team and lead client-facing support across the SIEM toolset and associated technologies.
Working as a key player alongside the broader SOC team and SIEM professionals, you will be the main point of contact handling client requirements for the SOC monitoring platform, resolving escalated reports and raising recommendations for the resolution and remediation of security incidents. You will lead process improvement and threat analysis.
Within the SOC you will support strategic awareness, subsequent planning and next-step recommendations when identifying new and upcoming threats to your clients.
This is a critical position in an established team that will offer further career opportunity and continued self-development.
Your key technical expertise will include
- SOC/SIEM toolsets (QRadar, LogRhythm, Splunk, Azure Sentinel etc.)
- IDS/IPS: Snort, Palo Alto, Checkpoint
- Email Investigations - Including Header Analysis, Office Doc Investigations and Macro Extraction
- Analysis of event logs, Active Directory and permissions-based control systems (AD etc.)
- Solid Understanding of Windows and Linux Operating Systems
- Strong understanding of TCP/IP and underlying network protocols
- Experience in assessing infrastructure and security risks within a client's environment
Your key requirements will include
- Resolve escalated reports and raise recommendations for the resolution and remediation of security incidents.
- Advanced monitoring of system logs, SIEM tools and network traffic for unusual or suspicious activity.
- SIEM (Security Information and Event Management): setting up various SIEM solutions and troubleshooting connectivity issues.
- Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions.
- Collate security incident and event data to produce monthly exception and management reports.
- Report unresolved network security exposures, misuse of resources or non-compliance situations using defined escalation processes.
- Assist and train team members in the use of security tools, the preparation of security reports and the resolution of security issues.
- Develop and maintain documentation for security systems and procedures.
- Recommend, schedule and/or apply fixes, security patches and any other measures required in the event of a security breach.
Apply now for immediate consideration!