Job Description
Company Overview
Cyber Security Associates Limited (CSA), established in 2013, provides cyber consultancy and cyber managed services which help to detect, protect and educate against the ever-changing cyber threat. CSA has built its team from a foundation of UK Government (ex-Military) and commercially experienced specialists all holding current and relevant cyber certifications. Today CSA’s core services are based around a 24/7 Security Operations Centre (SOC) based in Gloucester.
CSA is backed by FluidOne, a market leading connected cloud solutions provider, who provide support and funding firepower for our ambitious growth plans. Our vision is to be the best quality UK cyber security managed service provider.
Role Overview
As a Senior SOC Analyst, Technical Lead, you will work with a specialized and experienced team. Building and maintaining strong client relationships will be at the forefront of your responsibilities. You will assist and be directly involved in daily SOC operations, providing technical and comprehensive security expertise to clients, supporting our analysts, and be continuously monitoring, evaluating, and improving clients overall security posture.
The successful applicant will have a strong background in security operations, excellent customer service skills, incident response, and threat hunting, as well as experience in managing and mentoring junior team members. You should also have experience in providing exceptional service to customers and a strong passion for the cybersecurity industry. Your contributions will help drive the growth and development of our Security Operations Center (SOC).
You will be part of the leadership team, contributing to the overall development of the SOC and assisting with decisions that will shape the future of CSA’s success. Given our clients’ diverse backgrounds and varying levels of technical knowledge, excellent communication skills and the ability to translate technical information into layman’s terms are critical to your success in this role.
You will work on day shifts from 09:00 – 17:30, but will be required to cover on-shift Analyst duties during annual leave or sickness.
Responsibilities
* Provide mentorship to Security Analysts and collaborative support to the wider Security Operations Centre.
* Act as a point of contact for the client’s senior management and external partners during security incidents.
* Build and maintain strong relationships with clients, including regular meetings and communications to ensure their needs are met and any issues are addressed, assisting the service delivery manager with technical issues.
* Triage and analysis of alerts from multiple SIEM’s and Platforms (Microsoft Sentinel, Microsoft Defender, SentinelOne and AppGuard) and intelligence monitoring capabilities, prior to escalation to the Shift Leader in accordance with the customer contracted Service Level Agreements.
* Investigate, mitigate and remediate with the assistance of our SOC team as part of our cyber helpdesk function.
* Conduct log analysis during event and incident investigations.
* Assist in the Incident Response process internally and in communication with the customer.
* Produce high-quality alert, incident, and threat intelligence reports.
* Compile phishing campaign templates, run campaigns, and write reports.
* Serve as a security expert to customers and team members.
* Escalate high-priority technical or security issues by communicating your analysis to customers promptly and according to their specifications.
* Research new methods and techniques in cybersecurity to improve your knowledge as a Senior Cyber Analyst.
* Contribute to the senior SOC management team by driving improvements within the SOC.
Requirements
* SC Clearance or eligibility.
* Acquired Microsoft SC-200
* Acquired one or some of the following: AZ-500, SC-100, SC-300, SC-400.
* Experience in a similar role.
* Proficiency in Microsoft Sentinel, including hands-on experience in investigations, developing and fine-tuning analytical rules, creating workbooks, and designing automation playbooks.
* Knowledge/experience with EPP Tools such as Microsoft Defender for Endpoint, SentinelOne.
* Experience mentoring and leading individuals or teams.
* Familiarity with MITRE Att&ck and D3fend Framework.
* Understanding of networking, including TCP/IP, with an interesting in Information security.
* Experience with ticketing systems including workflow, ticket routing and resolution documentation.
* Strong problem-solving skills and the ability to make quick and effective decisions in high-pressure situations.
* Keen attention to detail and commitment to delivering quality services to clients.
* Excellent communication skills, both written and verbal, with the ability to translate technical information for a non-technical audience.
* Able to manage sensitive and sometimes confidential information.
* Self-motivation and able to take responsibility.
* Able to manage and prioritise tasks and time efficiently.
* Personal interest and passion for cyber or information security.
* Flexibility to cover the duties of the Senior Analyst on shift in the event of absence or sickness.
Benefits
* Hybrid ways of working, with mixture of office and home-based working.
* + 5% shift allowance.
* Overtime available.
* Workplace Health and Benefits Package.
* 3-month probation period.
* Access to online cyber training courses and packages.
* Workplace Pension Scheme (if applicable and payable from start date).
* 26 days paid holiday in addition to all bank holiday and public holiday per year.
* Additional paid holiday day per year for Birthday.
* Fantastic company culture including regular team building and social events.
* Excellent progression opportunities and training support.