SNOC Analyst / Security Analyst - SC Cleared
The SNOC Senior Analyst is part of the Security and Network Operations Centre (SNOC) team that supports the Computer Network Defence (CND) of the ICT infrastructure. This post will manage, monitor and control the Security Incident and Event Monitoring (SIEM) system, Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) devices. The individual will be responsible for regularly monitoring, managing and testing SIEM/IDS/IPS, including demonstrating the functionality, availability, performance and scalability of the service. Providing 24-hour cover, the Analyst will respond to alerts utilising a variety of approaches and monitor secure and management networks.
The Analyst will also assist with the on-going enforcement and validation of the defined security policies for the SIEM/IDS/IPS and firewalls, reporting any weaknesses and continuous improvements that could be introduced into the SIEM/IDS/IPS and firewalls. The SNOC Senior Analyst will also be expected to pass their knowledge on to more junior members of the SNOC team and cross-train on different security technologies if the need arises. Extensive knowledge of ICT security principles and the attack lifecycle is a necessity.
Mandatory Skills Required:
- Experience as 3rd to 4th line SME for the management, monitoring and maintenance of the security appliances.
- A SIEM platform.
- The Cyber Sensors (FPCap).
- Ad hoc support of forensic activities.
- Monitoring of network activity; analysis of audit trails and alarms; and initiating corrective action where necessary.
- Good communication skills.
- Excellent understanding of the attack lifecycle.
- Engineers will also have supervisory responsibilities.
- Well-developed communication and consulting skills.
- Technical leadership.
- Thorough knowledge of information technologies and their functions.
- Experienced in most areas of the solution lifecycle.
- Has effective working relationships with customers' IT management, sales and project management staff.
Desirable Skills Required:
- Qualifications such as CEH, SANS, CISSP.
- Product knowledge (LogRhythm or Endace).
- Experience of liaison with Crown oversight.
- Experience working with and within a Defence / Secure environment.
Due to the secure nature of this role, the successful candidate will require SC clearance prior to starting and must also be willing and able to attain higher security clearance.
Project People is acting as an Employment Agency in relation to this vacancy.