SOC Build

Job Title: SOC Build
Contract Type: Permanent
Location: Birmingham , United Kingdom
Industry:
REF: 601
Contact Name: Sam Page
Contact Email: samuel.page@identifiglobal.com
Job Published: 8 months ago

Job Description

Senior Cyber Security Analyst – Birmingham – £45-60k
Rare SOC Build opportunity with an organisation created solely for the purpose of providing world-leading Cyber Defence Managed Services and Solutions. Using award-winning UK Protective Monitoring technology, they deliver comprehensive protection, governance and compliance, reducing your organisation's exposure to cyber risk.
They already have a Southern-based SOC, which is well established and services various high-profile accounts. Due to demand and growth, they’re investing in a new-build Birmingham SOC. We are looking to recruit Analysts, Seniors and Shift Leads.
More information on all roles is below; please do get in touch for full details.
Standard Skills / Qualifications / Experience Required:
Essential
  • Bachelor’s degree in Information Security, Computer Science, Information Technology or related industry certifications
  • Good understanding of common network services (web, mail, FTP, etc.), network vulnerabilities and network attack patterns.
  • Strong documentation and communication skills.
  • Strong analytical and problem-solving skills.
  • Knowledge of SIEM toolsets.
  • Understanding of IDS and IPS technologies.
  • Understanding of Windows event logs.
  • Experience with enterprise information security data management.
  • Understanding of network traffic analysis.
  • Experience with trouble ticketing and change management tools.
Desirable
  • ITIL Foundation Course.
  • SANS GIAC GCIA.
  • SANS GIAC GCIH.
  • CISSP.
  • CCNA.
  • MCSE.
  • ITIL Intermediate Course in Service Operations or OSA.
  • Passion for all things information technology and information security.
  • Natural curiosity and ability to learn new skills quickly.
  • A proven track record of delivery in a multi-disciplined environment.
  • Demonstrable experience of handling security-related incidents and work requests.
  • Familiarity with industry-leading security products.
  • Knowledge of Full Packet Capture toolsets.
SOC Analysts / Shift Leaders are responsible for:
  • Working as part of a shift team monitoring and investigating security events received from Customers' monitored IT estates so that potential attacks can be detected.
  • Providing situational security awareness by combining information from a variety of systems and normalizing / correlating the information.
  • Identifying suspicious and / or anomalous activities and taking appropriate action based on documented processes and procedures.
  • Checking system vulnerabilities and recommending remedial action to be taken.
  • Performing analysis of log files.
  • Assisting Customers with security-related issues.
  • Managing security incidents through all phases of the incident response lifecycle from identification through to closure.
  • Undertaking monitoring system break / fix activity and escalating to on-call engineering teams where appropriate.
  • Providing prompt and comprehensive client reporting, ensuring that all events and alerts of note are raised in the relevant reports with comprehensive and helpful commentary for clients.
  • Carrying out all activities in line with SOC policies and SOC procedures.
  • Undertaking local reporting of issues into the SOC log and providing effective internal communication and handover to oncoming shift personnel.
  • Continuously seeking to identify potential service / tool improvements which will enhance the delivered services.
Senior SOC Analysts / Shift Leaders are specifically responsible for:
  • Ensuring that all Security Monitoring Systems and Consoles, including all Availability Monitoring Systems are monitored diligently and in a timely fashion by the whole shift team.
  • Providing on the job mentoring, guidance and advice to all SOC analysts and where necessary taking on the handling of incidents to ensure the best possible service is provided to the Customer.
  • Reviewing alerts generated by SOC Analysts.
  • Reviewing Customer reports to ensure quality and accuracy.
  • Being aware of the relevant Customer Service Level Agreements relating to incident resolution and maximising the likelihood that they’re met.
  • Escalating (where necessary) events and incidents to the Cyber management team.
  • Ensuring the accurate and full completion of the SOC Status Checks and that any issues arising as a result of the checks or during the shift are recorded and managed.
  • Troubleshooting monitoring system issues.
  • Working with Customers to configure host IDS / IPS policies.
  • Creating rotas to cover shift patterns.
  • Assisting with the on-boarding of new customers and log sources.
  • Development of SIEM rules.
  • Performing analysis of log files.
For more information about the client and the opportunity, please do contact me.

Samuel.page@identifiglobal.com

01908 88 60 37