Are you conscientious, ambitious and passionate about Security? Can you spot weaknesses in Security processes and provide resolutions to these? Do you want to shape your world and change the way the world works? Do you want to collaborate and achieve together with committed people to monitoring, detecting, reporting, auditing and protection of Security? This is your world and your opportunity to shape it for the better.
My client are looking for a SOC Analyst to identify threats and vulnerabilities and present solutions or mitigation activities to manage these.
Your role will involve.
-Working with a high-performing, dedicated security operations team, you'll be an integral part of the team providing support for Cyber incidents and alerts. Working with internal security teams to ensure information is safeguarded.
-Developing strong relationships across the organisation, with external strategic support partners and 3rd party vendors who provide tooling support. This ensures the safety of both on-prem data and systems, hosted and supported in other geographical locations. Knowledge and experience of SaaS, PaaS and IaaS solutions is desirable.
-Responsibility for the security analysis, incident classification and incident response actions including notification and alerting. Monitoring for possible security incidents, using knowledge of attack types and standard protocol behaviour to classify incidents, comment, and provide advice on mitigation or remedial actions to the customer.
-You will Investigate and report on suspicious activity including, unauthorised account activity, compromised accounts and incidents, privilege creep, loss of data and breaches in security policy. This involves conducting investigations to ascertain the facts surrounding these activities and liaising with other resolver groups and teams to understand the impact and possible risks associated.
-Supporting the engineering of use cases through low level recommendations for tuning.
-Knowledge and experience of Cyber Security and using a SIEM tool e.g LogRhythm.
-Monitoring client security infrastructure, identifying and reporting Real Time attacks and vulnerabilities on the client network.
-Identification of incidents and subsequent analysis and investigation to determine their severity and the response required. Ensuring that incidents are correctly reported and documented in accordance with government policy and procedures.
-Be prepared to provide a Technical Escalation Point during security incidents, establishing the extent of an attack, the business impacts, and advising on how best to contain the incident along with advice on systems hardening and mitigation measures to prevent a re-occurrence.
-As required support the customer with the creation of reports and dashboards, manage alarms and usage cases.
-Maintain a keen understanding of evolving threats and vulnerabilities to ensure the security of the client network.
-As required update Protective Monitoring/SOC documentation, processes and procedures and ensure currency.
-Experience of vulnerability management and working with internal and external teams to triage and manage these.
This is a permanent role that will require the successful applicant to gain security clearance.
SOC Analyst, SIEM, Cyber Security, LogRhythm, Splunk, IBM QRadar, SaaS, PaaS and IaaS, Defence, National Security