Job Title: SIEM Analyst
Salary: £30K to £40K dependent on experience
About this job
We are offering a genuine career opportunity on a large IT Estate for a SOC Security Analyst with strong Server / MS Windows administration experience to join our Security Incident and Event Management arena! You will be joining the technical and security focused Security Services team as an IT Security Analyst, delivering real-time proactive monitoring and response to Security Threats, Incidents and Alerts. Holding current DV clearance is a bonus, although we will consider candidates eligible for SC who are eligible for, and prepared to go through, DV Clearance.
- You will work as part of a SIEM Analyst team using the Huntsman suite to identify any potentially abnormal system/user behaviour and raise it as incidents for investigation.
- When required, perform initial investigation and identification of events of interest using the Huntsman suite.
- Complete analysis/correlation of events from multiple log sources in order to identify incidents.
- Complete configuration changes to the Huntsman suite including but not limited to filters/tuning/dashboards as authorised.
- Assist in enforcing the Compliance function through manual content checking activities of email gateways.
- As a Security Analyst, you will already have experience of some common network or endpoint security devices/software, such as IDS/IPS, DLP, AV, Web Proxies, Application whitelisting.
- You should be a "Cyber enthusiast" and take an active interest in the Information Security field, preferably complemented by some relevant security certification such as CISMP, CompTIA Sec+ or CISSP.
- Previously held a server/network support role, in a secure environment
- Strong analytical and problem solving skills
- Excellent communication and team working skills.
- Willingness and ability to be DV Cleared
Experience of security monitoring toolsets e.g. Huntsman/ArcSight
Knowledge of MoD, CESG and other mandated government IT legislation
Good networking experience (CCNA or equivalent)
Core MS Windows administration skills (MCSA/MCSE or CompTIA)
An understanding of a range of protocols and topologies (TCP/IP, DHCP, DNS, FTP, SMTP, X400, HTTP)
Knowledge of ITIL (ITIL Foundation certificate or experience working in ITIL environments)