Overview
Second Line Security Analyst (Protective Monitoring) – Basingstoke (BSN01) or Bracknell (BRA01) with flexibility to travel between. The SDWAN Support Team seeks a Second Line Shared Service Security Analyst to work collaboratively across accounts, providing direct technical support for Protective Monitoring as part of the 2nd Line Team and assisting in day-to-day operations of the DNS SD-WAN Service. The role may be on-site at Basingstoke or Bracknell with occasional travel to support a team across both sites delivering an active-active service. Some customer workshop attendance may be required for proactive monitoring improvements. You will work with current support personnel to understand products used across the shared service and develop diagnostic skills.
Responsibilities
* Configuration, maintenance and continual improvement (tuning) of alerting rules and dashboards.
* Triage and investigate SIEM alerts, ensuring comprehensive case management and that appropriate action is taken.
* Proactively identify potential SIEM and/or overall security posture improvements.
* Occasionally attend Teams calls as the Protective Monitoring (ProMon) representative.
* Syslog auditing – identify, document and escalate blind spots in our syslog collection.
* Assist other RGs in the identification of specific activities/logs (or lack thereof).
* Assist 3rd Line security analysts with any other duties that may require additional resources.
* Anomaly detection and investigation.
Qualifications / Experience
* Solid understanding of cyber security concepts and related technology including basic attack techniques.
* Understanding of risk concepts and their impact.
* Hands-on experience with security case management is useful.
* Familiar with logging (e.g., Windows events, syslog).
* Experience and awareness of NCSC security principles and implementing these in operational environments.
* Experience with SIEM toolsets and tools such as Elastic, LogRhythm, NMAP, Nessus, Wireshark, etc.
* Good understanding of basic network protocols and services; basic understanding of IPSec.
* Experience with Cisco routers, Juniper firewalls, and VMware is beneficial.
* Comfortable producing and maintaining documentation and communicating with peers and senior team members.
* You must be eligible and willing to undergo a high level of UK Security clearance.
Benefits
* 26 days annual leave plus public holidays (3 flexible)
* Pension – Double matching contributions of up to 10%
* Life assurance
* Company-wide incentive plans
* Flexible benefits (increased holidays, travel, dental/critical illness and more)
* Perks at work – employee discounts
* Employee assistance programme / virtual GP
Recruitment process
The recruitment process consists of two stages of interviews. We are a Disability Confident Employer and will offer an interview to disabled applicants who best meet the minimum/essential criteria for the role. Email EMEIArecruitment@fujitsu.com if you would like to apply through the Disability Confident Interview Scheme.
Statements
We are recognised as a responsible and inclusive employer and are committed to diversity and inclusion; we are a Disability Confident Leader, Times Top 50 employer for Gender Equality, Top 75 for Social Mobility, Living Wage Foundation accredited, and signatories for the Race at Work Charter and LGBTI+ standards. Our hybrid work environments enable you to Be Completely You.