We have a number of Lead and Senior SOC Analyst roles requiring a high level of Security Clearance. The roles will be based fully onsite near to Milton Keynes covering a 24/7 shift rota.
You will be a part of a 24/7 team responsible for monitoring our systems, detecting potential security incidents, and initiating the incident response process.
Key Responsibilities
* Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to respond efficiently and professionally against defined processes.
* Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritise incidents.
* Initial Incident Response: For confirmed incidents, you’ll perform initial containment actions, such as isolating affected systems, and escalating the incident to a Level 2 or 3 analyst for deeper investigation.
* Reporting and Documentation: You’ll create detailed tickets and reports for all detected incidents, documenting your findings and the steps you took. This is crucial for tracking incidents and for future analysis.
* Tool Management: You will assist in the maintenance and optimisation of security tools, ensuring they are working correctly and effectively.
Essential skills & experience include
* Excellent problem‑solving abilities, strong attention to detail, and the capacity to work under pressure. You should be a strong communicator, both written and verbal, and be comfortable working in a team environment.
* Experience of SPLUNK within a Security Operations Centre (SOC).
Education: A bachelor's degree in computer science, Cyber Security, Information Technology, or a related field is preferred. Relevant experience may be substituted for a degree.
Knowledge: You should have a foundational understanding of networking concepts (TCP/IP, DNS, etc.), operating systems (Windows, Linux), and common cyber‑attack techniques.
Certifications: While not required, certifications like CompTIA Security+, Cybersecurity Analyst (CySA+), or a similar certification are a significant bonus to the role.
Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks.
LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.
#J-18808-Ljbffr