Overview
Cyber Defence Analyst L3 role at Airbus Protect in Newport. The position is a 3rd Line Analyst within the SOC, serving as an escalation point for SOC operational activity and responsible for day-to-day monitoring of multiple security devices (SIEM, SOAR, IDS/IPS, EDR, etc.), ensuring that customer SLAs are met.
The role requires working as part of the SOC team to complete operational tasks, update and close tickets with satisfactory technical details, and participate in technical workshops and customer briefings/service reviews. Analysts should be able to present and write professional reports to key stakeholders and manage time effectively.
Responsibilities
* Lead the SOC Team in charge of Critical Incidents when required
* Analyze/correlate events of interest to identify incidents; respond to events, exceptions and incidents per SOC work instructions; include remedial action and recommendations
* Complete post-incident reporting; maintain and update SOC work instructions
* Use Case Factory development
* Design and develop Playbooks
* Validate Use Cases and Playbooks before going live
* Stay current in security concepts, tools and best practices
* Present and review reports to internal and external stakeholders
* Define continuous improvement processes in coordination with SDM
* Suggest improvements to internal processes, support documentation and management tools
Required qualifications and experience
* Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA)
* Microsoft SC200: Microsoft Security Analyst
* Blue Team Level 1 & 2: Junior/Advanced Security Operations
* Knowledge of Microsoft Defender & Sentinel
* Knowledge of SOAR
* Knowledge of Splunk
* Understanding of threat actor TTPs
* SANS SEC401: Security Essentials (or equivalent)
* SANS SEC503: Network Monitoring and Threat Detection In-Depth (or equivalent)
* SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (or equivalent)
Desirable qualifications
* Knowledge of Reverse Engineering Malware
* Practical Junior Malware Researcher (PJMR)
* SANS SEC488: Cloud Security Essentials (or equivalent)
* CREST CCNIA (or equivalent)
* SANS FOR508: Advanced Incident Response, Threat Hunting and Digital Forensics (GCFA)
Soft skills
* Ability to present and write professional reports to key stakeholders
* Good time management and teamwork
You will work from Airbus Protect offices, Newport, South Wales, with occasional travel within the UK and abroad.
Due to the nature of the work, these vacancies are only open to sole British Citizens. If you meet these criteria, you will also undergo security clearance vetting, if not already security cleared to a minimum DV level.
Airbus Protect is committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.
About Airbus Protect
Airbus Protect brings together experts in risk analysis and management in safety, cybersecurity and sustainability. We deliver expertise to our group, Airbus, and to external clients. With over 1,800 professionals across France, UK and Germany, we service large-scale contracts with critical infrastructure and other industries.