The DigitalXRAID Security Operations Centre provides around-the-clock protective monitoring to a client base that spans multiple industry verticals. Utilising industry-leading detection technology, our team of experienced SOC analysts provides assurance, detection and incident response capabilities to organisations of all sizes.
DigitalXRAID are looking for a Security Operations Engineer to join the Security Operations Centre and Incident Response team based in Doncaster, United Kingdom. This role follows UK office hours (Mon to Fri, 9am-5:30pm), with a requirement to work in the office two days per week. There is also the potential to be on-call in this role, as the Security Operations Centre covers clients 24x7x365.
Role Responsibilities
You will work alongside the SOC team to ensure the effective delivery of the following:
* Provide around-the-clock protective monitoring using industry-leading security tools.
* Provide advice and guidance, to a high standard, to clients targeted by cyber-attacks and malicious activity.
* Provide incident reporting capabilities, ensuring that all information is delivered in a timely, accurate and effective manner.
* Provide support to other SOC team members during security incidents and Threat Mining engagements. Assist with the onboarding process, including deployment of SIEM, EDR and Vulnerability Management tools.
* Serve as a technical point of escalation and provide mentoring for Junior Security Operations Centre (SOC) team members.
* Responsible for engineering solutions, deploying security tooling, investigating incidents, analysing attack methods, researching new defence techniques and tools, developing security policy, and documenting procedures for the SOC.
* Prepare reports, summaries, and other forms of communication that may be both internal and client facing.
* Ensure process adherence and drive process improvement to achieve operational objectives.
* Perform malware analysis and other attack analysis to extract indicators of compromise. Correlate security events between various systems.
* Create new detection and automation rules.
* Deliver demos to prospective clients and be involved in scoping engagements.
Key Skills
The successful candidate will exhibit the following key skills and/or traits:
* Excellent communication skills and comfortable in a client facing role.
* A keen interest in cyber security and associated industries.
* A heightened awareness of current affairs in the cyber security industry.
* Proven ability to effectively communicate when under pressure (high pressure situations may arise during ongoing incidents or attacks).
* Proven ability to adapt to difficult situations (high pressure situations may arise during ongoing incidents or attacks).
* Ability to commute to the office a few times per month to collaborate with peers.
* Any of the following industry certifications would be highly advantageous: Microsoft SC-200, AZ-500, SC-100.
* Experience with any of the following technologies would be advantageous: MS Sentinel, MS Defender, USM Anywhere, SentinelOne, Tenable.io.