Principal SOC Analyst

South West
08 Feb 2017
08 Mar 2017

Role: Principal SOC Analyst

Type: Permanent

Location: South West

Clearance: SC / DV

Salary: Competitive

Our client is an exciting and cutting-edge cyber security service provider looking for a Principal SOC Analyst. You would be providing the utmost levels of advanced cyber threat detection, incident response investigations and management to an array of clients in the public and private sectors.

The advanced SOC service uses industry-leading threat intelligence together with advanced SIEM and network IDS solutions to deliver a managed security service designed from the ground up to detect the full range of cyber threats facing a customer's business, from potential insider issues to commodity malware to sophisticated state-sponsored cyber espionage. As the Principal SOC Analyst you will play a leading role in the day-to-day activity of the SOC, lead the analyst team, and shape the SOC's direction at an operational, technical and strategic level.

Key Responsibilities:

The Principal SOC Analyst will be working 9-5 within the 24/7 Analysis Team. Day-to-day responsibilities will include:

  • Training and supervising analysts
  • Acting as deputy to the SOC Manager
  • Responding to and investigating alerts raised by the in-house tool set
  • Liaising with customers to detail investigation outcomes and recommend remediation actions
  • Managing threat intelligence and actor profiling
  • Assisting in the generation of new signatures / rules
  • Assisting in the definition of analysis procedures and protocols
  • Analysts without GIAC certification shall be provided recognised training as part of their employment package

Essential Skills:

  • Comprehensive knowledge of common SIEM solutions, the purpose of them and an understanding of how they work
  • Extensive understanding of APT actors and their tools, techniques and procedures
  • Exposure to various types of malware, as well as a strong knowledge of infection vectors and indicators of an infection
  • Working with multiple common network protocols such as TCP/IP, HTTP, DNS, etc
  • Comprehensive knowledge of IDS principles, the purpose of them and an understanding of how they work
  • Exposure to computer networking design principles
  • Good knowledge of SQL
  • Good understanding of a range of other protocols such as ARP, DHCP, SMTP, FTP, Telnet, IRC, LDAP, SSL
  • Appreciation of typical business network architecture (i.e. type of servers/devices)
  • Constant awareness of current Information Security threats and past threats
  • Strong experience with tcpdump, Wireshark, Snort and/or other security tools
  • Experience of providing training and working in a supervisory role to junior staff beneficial but not essential

Candidates must hold valid UK Security Clearance or be able to attain the level of Clearance specified.

To apply please send a CV and covering letter outlining your suitability, salary requirements and availability to

In line with Asylum & Immigration Legislation, all applicants must be eligible to live and work in the EU. Documented evidence of eligibility will be required from candidates as part of the recruitment process. Furthermore, in view of the nature of the work, all potential employees will undergo stringent reference and identity checks.

CND Limited is acting as an Employment Agency in relation to this vacancy.
