SC Cleared - Senior SOC Analyst (x3) - Inside IR35

Sanderson Recruitment Plc
Hemel Hempstead, United Kingdom
6 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Senior
Compensation
£ 143K

Job location

Hemel Hempstead, United Kingdom

Tech stack

Antivirus Softwares
Bash
C++
Client Server Models
Computer Security
Computer Programming
Computer Networks
Relational Databases
Perl
Hypertext Transfer Protocols (HTTP)
Internet Protocol
Virtual Private Networks (VPN)
Python
Local Area Networks
Lightweight Directory Access Protocols (LDAP)
Simple Mail Transfer Protocols
Powershell
Reverse Engineering
Security Information and Event Management
TCP/IP
Wide Area Networks
Web Applications
Enterprise Data Management
Scripting (Bash/Python/Go/Ruby)
File Transfer Protocol (FTP)
Mitre Att&ck
QRadar
Malware
Firewalls (Computer Science)
Microsoft Sentinel
Splunk

Job description

As a Senior Security Operations Centre (SOC) Analyst you will support the ongoing maturity of the SOC and help deliver an efficient and effective service to our wide range of clients. The primary role will be to conduct monitoring and triage of alerts associated with host and network security events for our clients' critical infrastructure.

You will support the SOC through both delivery of client work and adding skills and ideas to the already diverse team.

  • Monitor, triage, and investigate security incidents on critical client infrastructure.
  • Perform in-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities.
  • Provide Incident Response support when required, providing guidance on containment, eradication and recovery activities.
  • Maintain and, where appropriate, improve and develop team knowledge of SOC tools, security operations and triage.
  • Prepare reports for managed clients to both technical and non-technical audiences and continuously improve their content and presentation.
  • Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence.
  • Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats.
  • Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies.
  • Input into threat intelligence activities when required.
  • Represent the SOC in stakeholder meetings on occasion.
  • Engage with the Cyber Security Community of Expertise.

Requirements

  • Proven experience in Security Operations Centre.

  • Demonstrable experience of using Microsoft Sentinel and Splunk.

  • Knowledge and experience with Mitre Att&ck Framework.

  • Strong knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise antivirus products.

  • Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, and LDAP.

  • Good project management skills, with the ability to balance multiple initiatives and priorities simultaneously.

  • Strong influencing skills and ability to persuade others, with a broad understanding of all aspects of SOC services.

  • Strong analytical and problem-solving skills with the ability to assess complex situations, identify risks, and recommend effective solutions.

  • Good communication skills, both written and verbal.

  • Works under general direction within a clear framework of accountability and can exercise substantial personal responsibility and autonomy.

  • Cyber/information security qualification (e.g. CRT, CSTM, OSCP).

Desirable Skills

  • Experience of static malware analysis and reverse engineering.
  • Programming and scripting such as Python, Perl, Bash, PowerShell, C++.
  • CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC-related certifications.
  • Experience with SIEM technologies, namely Sentinel and Splunk; some experience with QRadar appreciated.

Benefits & conditions

  • Shift work 6am to 6pm / 6pm to 6am: 2 days on, 2 nights on, 4 days off
  • £400 - £550 per day
  • 6 months with likelihood of extension
  • Active SC clearance
