Senior SOC Analyst - Malvern Our client's Cyber Security Operations Centre (CSOC) provide their customers with 24x7 protective security monitoring. Our clients vary from CNI entities, public facing services, through to enterprise networks - all providing vital services within the UK. We deal with all kinds of adversary threats that aim to compromise, deny or disrupt our client systems. We work closely with our clients, providing alerting, from initial analysis through to incident escalation, and sharing of threat intelligence.We provide every analyst the opportunity to develop new skills and refresh existing knowledge - with a hands-on training facility that is available 24x7. Analysts are encouraged to achieve recognised qualifications, such as Crest Intrusion Analyst certifications and provides the opportunity to attend InfoSec related conferences to develop situational awareness of cyber security related activities.Being part of the CSOC, enables the analyst to work with aligned teams; including threat intelligence, service management, information assurance and the security health check. This enables us to fully understand the cyber operating picture, from the client environment through to applicable threats - in order to provide the best alert and monitoring service to our clients.Role PurposeAs a key member of the Senior Analyst team, you will play a vital role in shaping the Enterprise Cyber vision and delivery the strategy of the SOC to realise operational capabilities. You will provide leadership to the existing team, providing them with technical support and guidance as required whilst taking the lead on incident escalations, making rapid evidence-based decisions on how to respond based on the extent and severity of the intrusion; drawing on knowledge of threat actors, including their motivation, infrastructure and capabilities.You will remain 'hands on' technically, performing in-depth and advanced analysis (log analysts, IDS alerts, network analysis, IoC review) of complex and non-routine escalated security-related events; drawing on the expertise of other Analysts and external resources as required. You will also be responsible for ensuring that the tools are optimised for analyst use i.e. TI tuning, alerting and enrichment/orchestration workflows.The FitYou will have previous experience working within a relevant information security discipline (operations or engineering), able to demonstrate strong awareness of network security best practice, encompassing common network architectures. You will have a passion for technology, able to demonstrate how you have enhanced processes and practices in your previous roles. As our SOC continues to grow and expand our offering to clients, you will have the ability to drive positive change and maintain our position as a market leader.You will actively keep up to date with latest developments, from adversary techniques, through to technology and detection capabilities. An understanding of Mitre ATT&CK matrix, Cyber Kill Chain, and analyst playbook development experience would be advantageous.QualificationsTool and vendor training; SIEM, IDSCREST Registered Intrusion Analyst (CRIA) or equivalent GIAC, SANS SEC/FOR 5xx.Desirable: CREST Host Intrusion Analyst (CHIA)/CREST Network Intrusion Analyst (CNIA) or equivalent GIAC, SANS SEC/FOR 6xx.