Security Operations Analyst
Job description
The Security Operations Analyst will be focused on providing excellent 24/7 first-line operational and incident response support, so our teams can provide a fantastic customer experience. You will work closely with internal customers to build and support operational resilience, monitoring and security across IT systems required to support the Eutelsat Group mission. You will also contribute to the design, build, and support of the Security Operations technology infrastructure. You will work across multiple projects and alongside internal stakeholders that form a global multi-disciplinary team.
- Provide effective incident management through monitoring and analysis of Security Events and Incidents on a diverse range of SIEM tools and monitoring capabilities to identify and diagnose potential complex service-impacting issues across a range of technologies and platforms.
- Triage, mitigate and escalate incidents accordingly, while capturing and recording pertinent information, logs and artifacts. Provide technical guidance for successful resolution.
- Perform appropriate contingency and containment procedures in response to planned or unexpected events and implement proactive measures aimed at preventing recurrence.
- Produce and deliver detailed written and verbal technical Incident reports.
- Act as the subject matter expert for operational security, providing advice and guidance to internal teams on best practice.
- Contribute to the continuous improvement of the operations team, from technical improvements to procedural efficiencies.
- Manage and support the tooling used by Eutelsat Group teams, working closely with Data and Information functions across the business.
- Develop and maintain technical documentation.
- Keep abreast of operational changes in a fluid environment, ensuring that individual and team actions are taken in line with current best practice.
The role will be supporting a 24/7 Security Operations Centre. The Security Operations Analyst may be required to occasionally work a rotating 12-hour shift pattern, to include daytime, nighttime and weekend work.
Requirements
- 3+ years' experience of working in a SOC environment or Cybersecurity role.
- Experience of working with SIEM tools.
- Experience of Incident Response and/or forensic skills.
- Thorough understanding of Cybersecurity Tactics, Techniques and Procedures (TTPs), understanding how threat actors orchestrate and manage attacks through frameworks such as MITRE.
- Understanding of vulnerability management, gap remediation, risk logging, and tracking.
- Excellent interpersonal and customer facing skills.
- Excellent communication skills including strong verbal and written skills & the ability to interact with colleagues at all levels.
What We'd Love:
- Experience of Darktrace, native AWS and Microsoft Security functions.
- Understanding of Security standards and frameworks, e.g. NIST, CIS, OWASP, ISO 27001.
- Awareness and understanding of pentesting, threat hunting and red teaming in operational environments.
- Networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP.
- Security incident management and control.
- Experience of Linux/Windows Server administration and configuration.
- Experience of PowerShell and Python scripting.
- Working in an ITIL / Agile environment with a DevOps mindset.
Benefits & conditions
- South East; Milton Keynes; Southampton; Dartford; Reading; Maidstone; Sutton; Croydon; Slough; Portsmouth; Brighton
- Permanent
- Published: 1 day ago
- Competitive