Experis IT

SOC Analyst

Recruiter
Location: Malvern
Salary: £40000 - £60000 per annum
Posted: 31 Jan 2017
Closes: 28 Feb 2017
Ref: J361332A
Contact: martin ferguson
Clearance Level: DV, SC
Job Type: Permanent

SOC Analyst / Engineer

Qualifications within the IT security field are desirable, though not essential, along with exposure to either ArcSight or LogRhythm

Prepared to become SC and DV cleared

Salary: Up to £60,000 dependent on experience

Location: Malvern

We are looking to recruit a SOC Analyst on a permanent basis in the Malvern/Worcester area on behalf of a well-known organisation specialising in offering cyber security services to both defence and commercial businesses.

Working as part of a team of analysts, you will specialise in proactively monitoring the business's high-profile IT estate, monitoring Security Information and Event Management (SIEM) systems and managing the associated incident response processes, undertaking security vulnerability management, and using threat intelligence alongside APT hunting tools to search for threats.

There are excellent opportunities for progression internally, with opportunities to move up the ladder into more senior roles and eventually management. In addition, you could look at a lateral move to other teams (e.g. Consultancy, Engineering, Architecture, Pre-Sales).

Role Outline

  • Reporting directly to the shift Operations Lead, you are to support the sustainability of the SOC's protective monitoring services
  • Provide monitoring, alerting and incident handling services within the SOC
  • Act as the initial analytical reference point for identifying and then quantifying the nature and extent of an attack, and offer initial professional advice relating to possible business impact
  • Advise on incident containment measures
  • Provide advice relating to potential mitigation measures in order to prevent, or limit, future re-occurrence
  • Develop and maintain a credible knowledge of current and emerging threats likely to affect the integrity of the managed service you are protecting
  • Develop a credible level of protective monitoring experience, and aspire to developing a good level of experience and knowledge regarding the capabilities offered by each SIEM used

Key skills and Experience

  • Security monitoring tools and their use (e.g. SIEM, IDS/IPS, DLP)
  • Familiarity with ArcSight or LogRhythm
  • Vulnerability management
  • Perimeter and host security intrusion techniques
  • Network protocols
  • Threat intelligence
  • Relevant GIAC or CREST qualifications (e.g. GCIH, GCIA, GREM, CCNIA)
  • Incident response experience (from a consultancy or SOC environment)
  • Big data / security analytics / threat hunting experience
  • Maintain a keen understanding of evolving Internet threats to ensure the security of client networks
  • Perform other essential duties as assigned
  • In addition, a key role within the SOC is keeping abreast of evolving cyber threats and identifying new and sophisticated methods of detecting them across a customer's IT estate
  • Experience of maintaining a secure network through configuring and managing typical security enforcing devices, such as firewalls, proxies and IDS/IPS devices; knowledge of Snort
  • Strong understanding of network monitoring and packet analysis tools
  • Significant experience with TCP/IP, Linux, UNIX, Windows and IP routing
  • Software engineering, programming or scripting knowledge (e.g. Java, .NET)
  • A sound knowledge of IT security best practice, common attack types and detection / prevention methods
  • Experience of analysing and interpreting system, security and application logs
  • In-depth experience of network or security devices: routers, switches, hubs, firewalls or SIEMs

Intrinsic Factors

  • Working to tight deadlines