R2 Cyber Security Analyst
Remote
Role Purpose
Today, it is an unavoidable fact that your business-critical infrastructure and systems are at risk of attack. The key to good security is a clear understanding of what is most critical to the business. When you do not have enough internal resources, time, or skills to monitor and manage your IT environment 24/7, NCC Group can help, freeing up your skilled employees to focus on value-add activities.
NCC Group provides a range of managed and hosted services delivered from our Global Security Operations Centre (SOC), which operates 24/7, 365 days a year. Our team of over 100 accredited security experts is available around the clock, dealing daily with over 200 million log events and providing support for thousands of network devices.
NCC Group’s MXDR Team provides world-class Extended Detection and Response (XDR) services, detecting, responding to, and mitigating cyber-attacks on our customers' networks in our Security Operations Centres. We use a plethora of detection tools such as the Microsoft Security Stack, Splunk, EDR, IDS & IPS tools, and many more, all integrated with NCC Group's Unified Cyber Platform (UCP).
The MXDR Team is looking for R2/L2 Security Analysts with a passion for security to join the team, helping customers get the most out of our services and protect their networks. This is an opportunity to join a technically advanced and talented team and help NCC Group build and deliver world-class services to our customers.
This role is ideal for a seasoned SOC Analyst with experience in cybersecurity looking to broaden their scope of cyber skills with a strong focus on detection and response to cyber incidents.
Summary
1. Monitor global systems for potential threats, vulnerabilities, and indicators of compromise.
2. Perform in-depth analysis of security alerts utilising both NCC Group's UCP and explore further using the underlying detection platform where necessary.
3. Provide incident remediation and prevention documentation and recommendations to customers based on defined procedures and analyst experience.
4. Document and adhere to processes related to security monitoring procedures.
5. Provide customer service that always exceeds our customers’ expectations.
6. Initiate escalation procedures to counteract potential threats, vulnerabilities, and threat actors.
7. Compile and review service-focused reports.
8. Act as an escalation point for junior team members, aiding and mentoring where necessary.
9. Contribute to the continuous improvement of SOC procedures and documentation.
10. Perform other SOC duties as assigned.
What we are looking for in you
11. Practical knowledge of one or more security and networking toolsets, such as but not limited to: Microsoft's XDR suite (Sentinel/Defender), Splunk Enterprise/Cloud/Enterprise Security.
12. Pre-existing, in-depth knowledge of common network protocols and endpoint detection/forensics.
13. Pre-existing, in-depth knowledge of Windows and Linux-based operating systems.
14. Experience in the extensive analysis of common security incidents.
15. Experience in endpoint security.
16. Ability to stay calm in highly sensitive and high-pressure incidents.
Desirable Certifications
It is not mandatory to hold these certifications, however, a demonstration of understanding of one or more of the following is desirable:
Microsoft certifications
17. SC-200
18. AZ-500
19. AZ-900
20. MS-500
Splunk certifications
21. Certified User
22. Certified Power User
23. Certified Advanced Power User
24. Certified Enterprise Security Administrator
CrowdStrike
25. Certified Falcon Responder (CCFR)
26. Certified Falcon Hunter (CCFH)
CREST CPSA / CRIA / CMRE / CNIA / CHIA.
CompTIA
27. Security+
28. Network+
29. CySA+
Cisco CCNA
SANS
30. GCIA
31. GCIH
32. GSEC
Other relevant certifications.
Ways of working
Focusing on Clients and Customers.
Working as One NCC.
Always Learning.
Being Inclusive and Respectful.
Delivering Brilliantly.
Our company
At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.
Our colleagues are our greatest asset, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.
Come join us?
What do we offer in return?
We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:
⏰Flexible working
💸 Financial & Investment
Pension
Life Assurance
Share Save Scheme
Maternity & Paternity leave
🙋🏾Community & Volunteering Programmes
⚡ Green Car Scheme
🚴 Cycle Scheme
🧑🏻🤝🧑🏻 Employee Referral Program
🧘🏻 Lifestyle & Wellness
🎓 Learning & Development
👨🏿🦽 Diversity & Inclusion
So, what’s next?
If this sounds like the right opportunity for you, then we would love to hear from you! Click on apply to this job to send us your CV and cover letter and the relevant member of our global talent team will be in touch with you. Alternatively send your details to .