SOC Analyst - London
We require an experienced security professional who will join an existing team based in a London SOC.
You'll be responsible for security monitoring and log analysis and will evaluate the type, nature and severity of security events (security assurance/security compliance) using a range of security event analysis tools; you must possess a strong understanding of common security exploits, vulnerabilities and mitigation techniques.
The role will primarily involve using a SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention System) and NAC (Network Access Control) toolset to perform log analysis and monitoring activity, along with other security solutions to aid investigation and troubleshooting. The role holder will be expected to initiate appropriate incident response and corrective action as required, or as set out in the associated Service Level Agreements.
- Hands-on experience with a variety of different IDS/IPS, NAC and SIEM products;
- Knowledge of the common types of vulnerabilities and attacks, and the ability to perform IT security threat management tasks
- Perform operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources, including but not limited to events from SIEM monitoring tools, network- and host-based intrusion detection systems, firewall logs and system logs (Unix & Windows)
- Perform advanced diagnosis and remediation planning in response to security events & incidents
- Analyse security event logs and alerts to determine validity, priority and impact against both security threat best-practice countermeasures and client compliance obligations
- Monitor and use incident ticketing systems to log incidents and perform change activity
- Accept, manage and update service requests to ensure contracted SLAs are met
- Manage client expectations and escalate critical situations to appropriate levels of management
- Manage vendor operational performance and drive vendor support relationships to achieve problem resolution
One or more of:
- CISSP desirable
- SANS GIAC, GCIA, GCIH, GSEC or similar certification desirable
- CEH, SSCP
- Offensive Security Certified Professional (OSCP)
Initial 6-month contract available; extensions are likely.