Job Description
Nomios' mission is to build a ‘secure and connected’ future. Organisations across Europe depend on us to help secure and connect their digital infrastructures. In support of our continued UK growth, we are seeking a SOC Analyst to join our Security Operations team. This is a fantastic opportunity to work with a broad and diverse set of customers who have entrusted Nomios to deliver their security operations.
Your role as SOC Analyst
As a SOC Analyst, you will be at the forefront of monitoring, investigating and securing our customers’ estates through state‑of‑the‑art tooling. This role would suit a junior SOC analyst in an existing Security Operations function or someone with an extensive infrastructure and networking background looking to take the leap into Cyber Security Operations.
Key Responsibilities
Build
* Participate in developing and tuning security monitoring and detection toolsets.
* Aid in the maintenance and updating of internal SOC processes and procedures.
* Assist in the testing and monitoring of newly created detection logic and use cases.
Investigate
* Monitor security alerts and incidents using a wide range of security tools and technologies.
* Produce regular reports and updates on customers' security posture.
* Conduct identification, analysis and qualification of security alerts, escalating internally and externally to customers where required.
* Effectively follow internal SOC procedures and runbooks for incident investigation.
* Aid in conducting threat hunting activities as directed.
* Review vulnerability management reports and provide analyst insight.
Improve
* Participate in SOC improvement projects (tooling, process, increase in SOC coverage).
* Deliver investigation reports, including continual improvement steps to both internal and external stakeholders.
* Stay current with the latest cybersecurity trends, threats and upcoming technologies.
Job Requirements
We hire result‑orientated, smart, and high‑energy individuals who bring a can‑do attitude and a willingness to go the extra mile and deliver exceptional outcomes. You should be organised and rigorous, with excellent analytical skills. Good communication with internal stakeholders is vital, as is the ability to work as part of a dynamic team.
Required technical skills
* Good knowledge of SIEMs – focused on day‑to‑day usage, navigation and creation of basic rulesets & dashboards aligned to MITRE ATT&CK.
* Foundational knowledge of incident response – aligned to MITRE ATT&CK with a good knowledge of common tactics, tools and techniques attackers utilise in the wild.
* Good knowledge of EDR/XDR – including incident investigation and day‑to‑day usage.
* Good knowledge of VM (vulnerability management) – including analysis and prioritisation.
* Foundational knowledge of CTI – including its utilisation within a SOC environment.
Preferred vendors
* Microsoft Sentinel, Google Chronicle (SECOPS).
* CrowdStrike, Microsoft, Palo Alto, SentinelOne.
* Rapid7, Tenable.
Additional requirements
* 2+ years of experience working within a Security Operations Centre (SOC) or a strong and diverse background within Infrastructure and Networking (3+ years) orientated towards Cyber Security.
* Experience in ticket handling toolsets (Service Now, Salesforce, JIRA) aligned to ITIL best practices.
* Fluent in English with excellent written and oral communication skills.
* Eligibility for SC clearance (five years living in the UK) is required; eligibility for DV clearance (ten years living in the UK) is preferred.
* Ability to use initiative and work independently.