Security Operations Centre - Senior Analyst
Job Type:
Salary: £40,000 - £55,000/yr
Location: Bristol, City of Bristol
Date Updated: 04/05/2012
Current Status: Applicants Required
More Details: Call 01489882503
Ref No.: 239712
Introduction
Key requirements for this position: you must have an active interest in Cyber Security, incident detection, network and systems security and experience or qualifications in network and systems monitoring. Preferably you will be CEH or SANS certified.
Important
Ethical Hacker with an active interest in Cyber Security, incident detection, network and systems security.
The Job
Our client's Security Operations Centre (SOC) offers a leading edge protective monitoring service to its customers. This exciting position forms a key role within their Security Operations Centre (SOC), and will involve keeping abreast of evolving cyber threats and identifying new and sophisticated methods of detecting them across their customers' IT estates. It's a fantastic opportunity to join a rapidly expanding SOC and play a pivotal role in the establishment of the team.
SANS GCIA / GCIH or AESA (ArcSight Enterprise Security Analyst) qualifications desirable.
If, however, you are not yet GCIA, GCIH or AESA certified, please note that full training / courses will be given with a view to you obtaining these qualifications.
You will be responsible for analysing network, application and system log events in order to identify any potentially abnormal system behaviours and raise them as incidents for investigation. These will then be investigated to establish whether they are expected events or a security threat, in which case they will be escalated to appropriate customer or technical resources for remedial action.
As a senior analyst it is likely you will provide a Technical Escalation Point during security incidents, establishing the extent of an attack, the business impacts, and advising on how best to contain the incident along with advice on systems hardening and mitigation measures to prevent a reoccurrence.
In addition, as a Level 2 Security Analyst you will have the important role of working with industry leaders, external organizations and trusted partners to constantly tune our client's service by designing advanced detection rules to be implemented into their SIEM (Security Information and Event Management) solution.
Additional Responsibilities:
* Maintain keen understanding of evolving Internet threats to ensure the security of client networks
* Write technical articles for internal knowledge base
* Participate in knowledge sharing with other analysts and develop solutions efficiently
* Coordinate or participate in individual or team projects
* Perform other essential duties as assigned
Essential skills for the role:
* An excellent communicator at all levels.
* A sound knowledge of IT security best practice, common attack types and detection / prevention methods.
* Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
* Experience of maintaining a secure network through configuring and managing typical Security Enforcing Devices, such as Firewalls, Proxies, IDS/IPS devices, EPO. Knowledge of SNORT.
* In depth experience of other common devices, such as routers, switches, hubs. Troubleshooting Windows environments
* Strong written and verbal communication skills
* Attention to detail and great organizational skills
Desirable skills for the role:
* Exposure to IT service management best practices such as ITIL
* Experience of using SIEM tools such as ArcSight, LogLogic, Q1 Labs, Symantec Endpoint
* Software engineering, programming or scripting knowledge. Java, .Net.
* An understanding of Information Security, relating to the Confidentiality, Integrity and Availability of information
* Experience of mentoring or coaching members of a team
You will be working as part of a team to provide initial 9AM to 5PM operational support with a view to moving to 24/7 operational support within the Security Operations Centre (SOC). Movement over to the 24/7 operations will incur a salary uplift above the basic salary of around 20 - 25%.
On top of a competitive salary a comprehensive benefits package is offered including holiday, life assurance and a contributory pension scheme.
Please note, you must be prepared to become SC and DV cleared for this position.
To apply for this position, candidates must be eligible to live and work in the UK.