Our client, an industry leader in the Cyber arena, is looking for an experienced SOC Analyst to join their busy Security Operations Centre (SOC) and support the next phase of growth for the company.
As a SOC Analyst, you will be responsible for detecting, responding to, and mitigating cyber-attacks on our client's customers' networks from within their Security Operations Centres. You will use a combination of SOAR, Elastic, and the Microsoft XDR ecosystem to deliver effective and appropriate defences. Previous experience with SentinelOne would be highly beneficial.
This position is ideal for a seasoned SOC Analyst with experience in cybersecurity, seeking to broaden their skills with a strong focus on detection and response to cyber incidents.
Responsibilities
1. Defend monitoring systems, personnel, and data by identifying potential threats, vulnerabilities, and indicators of compromise.
2. Perform in-depth analysis of security alerts using advanced tools and systems (including Elastic, Microsoft XDR, and others).
3. Identify incidents and breaches, and provide appropriate remediation.
4. Offer recommendations and support to customers based on procedures and analyst expertise.
5. Collaborate with threat intelligence and threat hunting to enhance detection and enrichment.
Qualifications
* Strong practical knowledge of security and networking tools, including SIEM, EDR, and other security solutions.
* Experience with Microsoft Defender SIEM.
* Elastic experience is advantageous.
* Proven experience working as a SOC Analyst in a commercial environment.
* Understanding of common operating systems, network protocols, and attacker behaviors.
* Extensive experience analyzing security events and data points, and communicating findings, mitigations, and recommendations clearly and actionably.
Certifications
Desirable, but not essential:
* Security certifications such as CREST CPSA, CPIA, CRIA, CMRE, CNIA, CHIA.
* CompTIA Security+, CompTIA Network+.
* Vendor-specific certifications such as Elastic Certified Analyst and Azure certifications (SC-200, AZ-500, MS-500).