Senior Soc Analyst

  • Location:

    Warwick, Warwickshire

  • Sector:

    IT

  • Job type:

    Permanent

  • Salary:

    Negotiable

  • Job ref:

    BBBH109139_1569601313

  • Published:

    26 days ago

  • Start date:

    01/11/2019

  • Client:

    Undisclosed Company

This critical role supports the internal SOC and the directing of an outsourced tier 1 - 2 SOC MSSP to deliver robust security operations. Our Gaydon site has over 10,000 employees and the UK's largest Hybrid Engineering Team. We are building our first ever SOC so this is a great chance to be involved in a greenfield project, therefore we are looking for those with ambiton who can help us to shape our capability and have a say in the building up of our SOC. You'll be able to actively get involved in the tooling and liaise with suppliers from a technical perspective.

What to expect:

You'll be responsible for monitoring, detecting, containing and remediating security incidents utilising a suite of security software tools. Applying threat intelligence to build an awareness picture of emerging issues within the SOC you will also provide SME advice to security driven projects. You'll be expected to contribute to our continual development of analysis playbooks and tradecraft as well as our SOC strategy by refining standards, processes and procedures. You'll perform threat hunting tasks as well as in-depth and advanced analysis of security-related events.

You will manage escalated security-related events, advising the Cyber SOC Manager in making evidence-based decisions on how to respond based on the extent and severity of the intrusion; drawing on knowledge of threat actors, including their motivation, infrastructure and capabilities. You'll handle incidents across Windows, Mac, and Linux platforms whilst actively maintaining awareness of developments in the intrusion analysis, incident response and information security fields. You'll also help to develop and improve processes for incident detection and the execution of countermeasures.

What you'll need

You will ideally have experience of working within a SOC / NOC environment handling incident response for organizations and have worked in some capcity with Next Gen EPP / EDR technologies. You'll need to provide technical and service leadership to T1 and T2 analysts, it would be beneficial to have some stakeholder management experience. You should have experience in threat hunting and investigating, as well as an understanding of cyber security threat scenarios and countermeasures. You will have general network knowledge, tcp/ip troubleshooting and the ability to perform static and dynamic malware analysis to understand the nature of malware. You should have an advanced knowledge of the current threat landscape and a good understanding of malware operations, indicators, and known examples of APTs.

You will have an understanding of common Intrusion Analysis models (e.g. Cyber Kill Chain®) and the ability to apply them to enhance analysis and reporting. You'll have the ability to identify developing patterns and trends in data as well as an understanding of common Intrusion Analysis models which you are able to apply. You'll have touched on vulnerability Scanning and reporting ideally based on Qualys, have experience of modern SIEM solutions and a good understanding of ITIL processes, including Change Management, Incident Management and Problem Management.

You'll have a good understanding of technology and actively maintain awareness of developments in the intrusion analysis, incident response and information security fields. You should have the ability to rapidly distinguish between genuine and false detection events and respond appropriately. Desirable but not essential would be experience of network-based User Behaviour Analytics (DarkTrace, ArcSight User Behaviour Analytics etc), any time with security assessment and penetration testing tools or packet-capture tools/analysis of packet flows.It is good to see anyone who has either CEH, CompTIA CySA+, GSEC, SSCP, CISSP or an ITIL.

So why us?

Bring all this to the home of premium innovation, and you'll find the opportunities to further your career with a world-class team, a discounted car purchase and lease scheme for you and your family, membership of a competitive pension plan and performance related bonus scheme. All this and more makes ourselves the perfect place to continue your journey.

  • Bonus (Individual Performance Payment) & annual pay review
  • Privilege Vehicle Discount Hire/Purchase Scheme
  • 26 days holiday + 8 days statutory
  • Discounts i.e. 5% at Sainsbury's, 10% at Boots and 20% at EE
  • Employee Learning Scheme - £250 per year towards any self-development activity of your choice
  • Pluralsight account - unlimited online courses
  • Occupational Health services

Apply Save job Create Job Alerts

Share this job