SOC Analyst

  • Location: Warwick, Warwickshire, W. Midlands, England
  • Contact: Oliver Hurved
  • Published: about 1 year ago

This critical role supports the internal JLR SOC and directs an outsourced tier 1 - 2 SOC MSSP to deliver robust security operations. Our Gaydon site has over 10,000 employees and the UK's largest Hybrid Engineering Team. We are building our first ever SOC, so this is a great chance to be involved in a greenfield project; we are therefore looking for people with ambition who can help us shape our capability.

What to expect:

You'll be responsible for monitoring, detecting, containing and remediating security incidents using a suite of security software tools. You'll evaluate incidents identified by tier 1 analysts and use threat intelligence, such as updated detection rules and Indicators of Compromise (IOCs), to pinpoint affected systems and the extent of the attack. You'll consolidate data from alert triage to provide the context necessary to initiate Tier 3 work, and you'll provide technical and service leadership to Tier 1 analysts.

You'll conduct security research and intelligence gathering on emerging threats, and you'll have a good understanding of ITIL processes, including Change Management, Incident Management and Problem Management. You'll contribute to Incident Response investigations alongside the Incident Response team, while contributing to the continual development of analysis playbooks and tradecraft.

You'll proactively contribute to our SOC strategy by refining standards and procedures and by developing and improving processes for incident detection and the execution of countermeasures. You'll handle incidents across Windows, Mac and Linux platforms while actively maintaining awareness of developments in the intrusion analysis, incident response and information security fields. You will be in a position to offer SME advice to security-driven projects; other wider activities will include conducting proactive threat research and maintaining SecOps documentation.

What you'll need

You will ideally have experience of working within a SOC / NOC environment handling incident response for organisations, and have worked in some capacity with SIEM technologies such as Splunk or LogRhythm. You should have experience with NextGen EPP and EDR products such as CrowdStrike or SentinelOne, and a background in Vulnerability Management with tools such as Tenable or Qualys. You might have familiarity with common IDS/IPS and firewalls and with TCP/IP networking, and the ability to communicate efficiently with clients and internal team members at all levels and across functional and organisational boundaries.

Desirable but not essential would be experience of network-based User Behaviour Analytics (Darktrace, ArcSight User Behaviour Analytics, etc.), any time spent with security assessment and penetration testing tools, or packet-capture tools and analysis of packet flows. It is good to see anyone who holds CEH, CompTIA CySA+, GSEC, SSCP, CISSP or ITIL.

So why us?

Bring all this to the home of premium innovation, and you'll find the opportunities to further your career with a world-class team, a discounted car purchase and lease scheme for you and your family, membership of a competitive pension plan and a performance-related bonus scheme. All this and more makes us the perfect place to continue your journey.

  • Bonus (Individual Performance Payment) & annual pay review
  • Privilege Vehicle Discount Hire/Purchase Scheme
  • 26 days holiday + 8 days statutory
  • Discounts i.e. 5% at Sainsbury's, 10% at Boots and 20% at EE
  • Employee Learning Scheme - £250 per year towards any self-development activity of your choice
  • Pluralsight account - unlimited online courses
  • Occupational Health services