Job Description
The Tier 2 Cyber Security Analyst is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents while supporting the development and training of Tier 1 Analysts.
The Tier 2 Analyst works closely with senior and Junior Analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions.
Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions.
Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents.
Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service Tier objectives (SLOs).
Investigate potential security incidents by conducting deeper analysis on correlated events and identifying patterns or anomalies that may indicate suspicious or malicious activity.
Use OSINT (Open-Source Intelligence) to enrich contextual data and enhance detection capabilities, contributing to a proactive stance on emerging threats.
Monitor the threat landscape and document findings on evolving threat vectors, sharing relevant insights with CTAC teams to enhance overall situational awareness.
Must be able to get potentially up to DV security clearance so sole British passport and British born
Current clearance is preferable
4 days onsite 4 day off,
Based in Erskine, inside IR35