Senior SOC Lead
*security clearance is required for this role but candidates not holding this level of clearance will be considered*
Leading IT Services Provider in the defence sector require a skilled Senior SOC Lead to join their team in Basingstoke.
- Working with a high-performing, dedicated security operations team, you'll be an integral part of the team providing support for Cyber incidents and alerts. Working with internal security teams to ensure information is safeguarded.
- Developing strong relationships across the organisation, with external strategic support partners and 3rd party vendors who provide tooling support. This ensures the safety of both on-prem data and systems, hosted and supported in other geographical locations. Knowledge and experience of SaaS, PaaS and IaaS solutions is desirable.
- Responsibility for the security analysis, incident classification and incident response actions including notification and alerting. Monitoring for possible security incidents, using knowledge of attack types and standard protocol behaviour to classify incidents, comment, and provide advice on mitigation or remedial actions to the customer.
- You will Investigate and report on suspicious activity including, unauthorised account activity, compromised accounts and incidents, privilege creep, loss of data and breaches in security policy. This involves conducting investigations to ascertain the facts surrounding these activities and liaising with other resolver groups and teams to understand the impact and possible risks associated.
- Supporting the engineering of use cases through low level recommendations for tuning.
- Provide a level of security consultancy to other internal teams for matters relating to the SOC.
- Support bid teams with their customer engagement by providing knowledge of the SOC operations.
- Knowledge and experience of Cyber Security and using a SIEM tool e.g LogRhythm.
- Monitoring client security infrastructure, identifying and reporting Real Time attacks and vulnerabilities on the client network.
- Identification of incidents and subsequent analysis and investigation to determine their severity and the response required. Ensuring that incidents are correctly reported and documented in accordance with government policy and procedures.
- Be prepared to provide a Technical Escalation Point during security incidents, establishing the extent of an attack, the business impacts, and advising on how best to contain the incident along with advice on systems hardening and mitigation measures to prevent a re-occurrence.
- As required support the customer with the creation of reports and dashboards, manage alarms and usage cases
- Maintain a keen understanding of evolving threats and vulnerabilities to ensure the security of the client network.
- As required update Protective Monitoring/SOC documentation, processes and procedures and ensure currency.
- Provide daily team leadership, management, job training and mentorship to develop junior members of the SOC team.
Please apply via this site in the first instance, or send a CV with a covering note to Amber.Lowman@projectpeople.com
Project People is acting as an Employment Business in relation to this vacancy
Project People is acting as an Employment Agency in relation to this vacancy.
Core Apps 3rd Line Engineer
LAN Engineer/3rd Line Network Technician (Cisco/Juniper)
3rd Line Network Engineer/LAN Engineer/Network Technician
LAN Engineer/2nd Line Network Technician (Cisco/Juniper)
2nd Line Network Engineer/LAN Engineer/Network Technician