Job Overview
SOC Analyst (Mid‑Senior level) role at European Foundation for Business Qualification (EFBQ). The position is with the UK's trusted Ministry of Defence partner, supporting the cyber security operations centre (SOC) within Information Management (IM) across a 24x7 SOC.
Key Responsibilities
* Support the SOC Manager in assisting Information Management UK in countering cyber threats across the UK SOC.
* Work with other UK SOC members, the UK InfoSec Team, and the IM Domains (Customer Support and Infrastructure / Information Systems).
* Perform analysis, monitoring, reporting, alerting, and investigation activities using AI/ML, behavioural analytics, SIEM, Network Packet Capture, Anti‑Malicious Code and other threat detection technologies.
* Contribute to incident response investigations that are escalated to embedded staff.
* Conduct proactive threat hunting in collaboration with the CTI function.
* Assist with the maintenance of MBDA Security technologies.
* Help the SOC Solutions Lead with project activity.
* Ensure timely triage and remediation of any incident or request tickets raised to the SOC.
* Add/remove URLs from the AcceptList and BlockList.
* Participate in routine security meetings.
Qualifications
* Extensive background in Cyber Security with expertise in Network Security, Infrastructure, Operating Systems, and Applications.
* Proficiency in IT Security best practices.
* Strong understanding of the OSI Reference Model and network communication protocols (DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S).
* Experience with Security Information Event Monitoring Tools and Network Packet Capture tools.
* Hands‑on experience with IDS/IPS technologies and threat hunting.
* Strong analytical skills and mindset.
* Knowledgeable in Defensive Cyber‑attack methodologies and frameworks.
* Understanding of malware capabilities, attack vectors, propagation and impact.
* Excellent communication skills for liaising with business and suppliers.
Desirable Skills & Experience (Senior Level)
* Proven experience conducting root‑cause analysis and leading Tier 2 incident investigations to resolution.
* Demonstrated ability to develop and maintain incident response playbooks, SOPs and runbooks.
* Strong working knowledge of detection engineering, tuning detection logic and reducing false positives.
* Proficiency in SIEM rule tuning and creating custom detection use cases aligned with threat models.
* Hands‑on experience with security automation and orchestration, scripting in Python, PowerShell or using SOAR platforms.
* Solid understanding of threat‑modelling frameworks and practical application of threat hunting methodologies.
Additional Information
Security Clearance: British Citizen or a Dual UK national with British citizenship. All successful candidates will undergo HMG Basic Personnel Security Standard checks (BPSS). Restrictions and limitations relating to nationality and/or rights to work may apply.
More About The Role: For more than 70 years, our client has been in a strong partnership with the UK military, providing essential defence capabilities across land, sea and air. The role is based at our client’s headquarters in Stevenage, which offers an onsite gym and coffee shop, along with training and development opportunities.
What happens now? Upon submission, qualified candidates will be contacted via e‑mail to arrange a screening call. The screening is contingent upon the initial success of the application.
Contact & Application
Application deadline: currently open (jobs updated recently). For questions, please contact the recruiting team.