Senior SOC Analyst

Remote working, with trips to the client site (UK).
Must hold active SC clearance.
Rate: £395.00

Role Description:

The Senior SOC Analyst will play a vital role in our security operations, focusing on incident management and response to protect our organisation's assets. This position requires a highly skilled professional capable of performing in-depth incident analysis and investigation, engaging with technical and business stakeholders, and providing expert advisory support.

Incident Management:

- Conduct thorough analysis to determine the causes of security incidents, ensuring a comprehensive understanding of attack paths. Utilise pre-defined playbooks and develop new procedures as necessary to enhance our incident response capabilities.
- Liaise with technical and business owners of affected systems, particularly in cloud environments such as AWS and Azure, as well as across user endpoints. Present findings and collaborate on remediation and recovery efforts.
- Offer technical advice based on alert data and logs to support the investigation of cyber incidents, ensuring effective communication and collaboration across teams.

Incident Response:

- Respond promptly to security incidents, conducting thorough investigations and delivering timely solutions to mitigate damage. Contribute to the creation and maintenance of effective incident response playbooks and provide technical expertise to enhance the overall incident response process.
- Investigate incidents utilising data from various sources, including asset logs, SIEM platforms, and forensic artefacts. Prepare detailed analysis reports for incident management teams, ensuring incidents are adequately tracked, and collaborate with SecOps and SOAR platform specialists to maintain optimal platform efficiency.
- Oversee the preparation of incident reports, ensuring all templates and processes are current. Become the leading authority on cyber incident reporting for the client in the UK.

Tooling Management and Direction:

- Serve as a key advisor on the requirements for the client's EDR/XDR toolsets and MDR services. Ensure that incident response needs are accurately reflected in the various cyber toolsets and work alongside engineering teams to implement necessary improvements.

Stakeholder Management:

- Communicate complex technical threats and attack paths in an accessible manner to management, articulating the associated business risks and describing appropriate mitigation strategies.
- Collaborate with the Governance, Risk, and Compliance (GRC) team to ensure adherence to relevant regulations and control frameworks for Critical National Infrastructure (CNI), including NCSC CAF, ONR SyAPs, and ISO27001.
- Provide real-time support during major security incidents and exercises, contributing to forensic investigations, analysis, and technical guidance.