As someone with a passion for understanding and defeating the latest online threats, you’ll use your knowledge to protect our clients and grow our operations. In return, you’ll be at the cutting edge of new technology, learning new skills and gaining certifications that are recognised and respected across the industry.
Our advanced Security Operations Centre (SOC) uses a combination of established solutions and cutting‑edge internally developed technology to protect IT networks from a wide range of cyber threats on a 24x7x365 basis, with a particular focus on protecting organisations that are threatened by sophisticated targeted attacks. This includes operational responsibility for all in‑life services delivered to customers across a wide variety of market sectors.
This is a shift‑based role which is responsible for analysing and responding to all security and service‑related events on a 24x7 basis. The role is ‘hands‑on’, with a requirement to carry out cyber analysis.
Working within the SOC, you will play a key role in helping to protect customers IT networks from cyber attack.
Responsibilities
* Monitor and analyse Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), Firewall event logs, and Security Incident and Event Management (SIEM) toolset event logs to identify security attacks and threats for remediation/suppression.
* Assist in Computer Security Incident Response activities for large organisations as a 1st line security analyst to identify various malicious threats in enterprise environments.
* Ensure timely accurate communications of alerts to IT, Network or Security groups regarding intrusions and compromises to their network infrastructure, applications and operating systems.
* Assist Senior Analysts with the implementation of counter‑measures or mitigating controls.
* Although not directly accountable for changes to policy and guidelines, you will be required to make recommendations to improve operational effectiveness and efficiency.
Qualifications
* Broad experience of technologies including but not limited to; Firewalls, IPS & IDS, Active Directory, Windows Server, Linux, TCP/IP, Networks, AWS, CDN's, Vulnerability management and SIEM, DRM.
* At least basic knowledge the fundamentals of cyber security
* Security Administration
* Incident containment, recovery and mitigation
* Strong analytical and problem solving skills
* Willing to work flexible schedules
* Relevant security certifications including SSCP, CEH, Security, GCIH.
* Experience with SIEM or Service Desk toolsets.
* Evidence of working to SLAs within a Security Operations Centre.
* Previous experience of working within a shift‑based structure as part of a 24x7x365 service delivery environment is advantageous.
#J-18808-Ljbffr