Role: SOC Analyst
We are looking for a SOC Analyst for one of our clients which is a global IT organisation, to identify threats and vulnerabilities and present solutions or mitigation activities to manage these.
What skills / experience we are looking for:
- Knowledge and experience of Cyber Security and using a SIEM tool e.g LogRhythm.
- Experience of vulnerability management and working with internal and external teams to triage and manage these.
- Knowledge and experience of SaaS, PaaS and IaaS solutions is desirable.
- Monitoring client security infrastructure, identifying and reporting Real Time attacks and vulnerabilities on the client network.
- Identifying of incidents and subsequent analysis and investigating to determine their severity and the response required. Making sure that incidents are correctly reported and documented in accordance with government policy and procedures.
- Be prepared to provide a Technical Escalation Point during security incidents, establishing the extent of an attack, the business impacts, and advising on how best to contain the incident along with advice on systems hardening and mitigation measures to prevent a re-occurrence.
- Support the customer with the creation of reports and dashboards, manage alarms and usage cases, as required.
- Maintaining a keen understanding of evolving threats and vulnerabilities to ensure the security of the client network.
- Updating Protective Monitoring/SOC documentation, processes and procedures and ensure currency, as required.
What you can expect to be doing:
- Working with a high-performing, dedicated security operations team, you'll be an integral part of the team providing support for Cyber incidents and alerts.
- Working with internal security teams to ensure information is safeguarded.
- Developing strong relationships across the organisation, with external strategic support partners and 3rd party vendors who provide tooling support. This ensures the safety of both on-prem data and systems, hosted and supported in other geographical locations.
- Responsibility for the security analysis, incident classification and incident response actions including notification and alerting. Monitoring for possible security incidents, using knowledge of attack types and standard protocol behaviour to classify incidents, comment, and provide advice on mitigation or remedial actions to the customer.
- You will Investigate and report on suspicious activity including, unauthorised account activity, compromised accounts and incidents, privilege creep, loss of data and breaches in security policy. This involves conducting investigations to ascertain the facts surrounding these activities and liaising with other resolver groups and teams to understand the impact and possible risks associated.
- Supporting the engineering of use cases through low level recommendations for tuning.
Note: To apply for this role, the candidate must either hold a SC or should be willing to undergo SC. (Security Clearance)
Project People is acting as an Employment Agency in relation to this vacancy.