SOC Analyst
York - Hybrid Working
Permanent
Reporting to the Cyber Security Operations Manager, the Cyber Security Operations Engineer is a key member of the cyber security operations team, delivering effective cyber security services and controls, including to all regional operating companies, construction and sales sites.
The role holder is required to continuously monitor and respond to alerts from cyber security systems such as SIEM and EDR, and to categorise, prioritise, triage and respond to cyber security incidents in a timely and effective manner, in line with agreed SLAs, policies, processes and best practices.
In addition, the role holder will take an active and sometimes lead role in security projects and initiatives which contribute to the continuous improvement cycle of Persimmon Plc’s security posture.
KEY RESPONSIBILITIES
Personal Development
* Take personal responsibility for own personal development, including clear objective setting and performance management.
* Provide feedback to the Cyber Security Operations Manager to further their own and the team’s development.
* Undertake relevant training for new and existing technologies and services. This may include some attendance at offsite venues as appropriate.
* Perform any other tasks assigned to you. This includes regular tasks and any ad hoc requirements as defined by the Cyber Security Operations Manager.
Operational Services
Operational performance
* Ensure effective operation of the cyber security function, including, but not limited to, the following:
* Monitor the Persimmon IT SIEM platform.
* Respond effectively to security incidents.
* Use analytical skills to undertake investigations into phishing emails and other security events.
* Use Endpoint Detection and Response (EDR) tools to examine endpoints and respond to cyber threats and malware.
* Undertake vulnerability management, including identifying and risk assessing vulnerabilities on any IT infrastructure, and reporting and tracking vulnerabilities through to mitigation.
* Conduct security administrator activities across the Microsoft 365 stack, including but not limited to configuration and change management of security tools.
* Be responsible for managing changes to security tools, adhering to the Persimmon IT change management policy.
* Conduct reviews of existing IT infrastructure, such as firewall ruleset reviews, advising on where risks might exist.