FPSG has urgent permanent, SC Cleared opportunities to present on behalf of our Client, hiring Cyber Security Analysts for roles in Central Scotland. These roles involve providing 24/7 shift pattern cover for their customers.
A generous shift allowance is paid on top of the basic salary, offering a competitive reward package and potential path to DV Cleared status where applicable. The roles require on-site presence in West Central Scotland on a 4 x 4 shift pattern: four 12-hour shifts followed by four days off.
IMPORTANT: Applicants must hold British Citizenship only (applicants with dual citizenship or ILR status are not eligible) and must currently possess live SC or DV Clearance, due to the urgent hiring timescale. Please only apply if you meet these citizenship and clearance criteria.
The Tier 2 Cyber Security Analyst will build upon initial work by Tier 1 Analysts, providing in-depth analysis of potential threats, supporting escalation, triage, and response to cyber incidents, and aiding in the development and training of Tier 1 Analysts. The role ensures seamless SOC operations and acts as a bridge between basic and advanced threat detection & response functions.
Responsibilities:
1. Conduct escalated triage & analysis on security events identified by Tier 1 Analysts, assessing threat severity & advising on initial response actions.
2. Utilize SIEM solutions with Kusto Query Language (KQL) for log analysis, event correlation, and documentation of security incidents.
3. Identify & escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service objectives.
4. Investigate potential security incidents through deeper analysis of correlated events, identifying suspicious or malicious activity.
5. Use OSINT techniques to enrich contextual data, enhancing detection capabilities and threat awareness.
6. Monitor the threat landscape, document findings on evolving threat vectors, and share insights with internal teams.
7. Follow incident response playbooks, provide feedback for improvements, and suggest updates to streamline processes and improve response times.
8. Collaborate with Tier 3 Analysts to refine detection & response workflows, contributing to SOC maturity.
9. Tune SIEM & detection tools in partnership with Tier 3 Analysts to reduce false positives and improve alert accuracy.
10. Identify gaps in detection content and work with Senior Analysts to develop and validate new rules and use cases.
11. Mentor Tier 1 Analysts, guiding on triage & analysis techniques and facilitating on-the-job training.
12. Assist in training sessions and knowledge-sharing activities, fostering a supportive learning environment within the SOC.
Knowledge and Skills:
1. Understanding of advanced networking concepts, including IP addressing, protocols, and traffic flow.
2. Advanced knowledge of Windows & Linux environments, including commands, file systems, and authentication mechanisms.
3. Proficiency with SIEM solutions (e.g., ArcSight, Azure Sentinel) and some exposure to XDR platforms.
4. Skilled in using KQL for log searching and filtering.
5. Familiar with OSINT techniques for threat identification and information gathering.
6. Effective communication skills for internal and external stakeholders, with the ability to explain technical issues clearly.
7. Ability to produce concise, structured reports on investigations and monitoring activities.
8. Effective workload management to meet SOC deadlines.
9. Willingness to collaborate, accept guidance, and learn from more experienced analysts.
10. Ability to perform under pressure, following procedures to maintain performance standards.
Next Steps:
If you hold live SC or DV Clearance and possess the relevant skills, and are willing to work on a rotating shift pattern (shift allowance paid on top of salary), please apply immediately. Suitable candidates will be interviewed promptly, provided they meet all citizenship and clearance criteria.
Desired Skills and Experience:
* Experience in escalated triage and analysis, threat severity assessment, and advising on response actions.
* Expertise in SIEM solutions with KQL, log analysis, and incident documentation.
* Ability to identify and escalate critical threats, ensuring rapid response and adherence to SLOs.
* Deep analysis of security events, identifying patterns or anomalies indicating malicious activity.
* Use of OSINT to support threat detection and situational awareness.
* Monitoring and documenting threat landscape changes, sharing insights with cyber teams.
* Following incident response procedures, providing feedback for process improvements.
* Working with Tier 3 Analysts to refine detection and response workflows.
* Tuning SIEM and detection tools to improve alert fidelity and reduce false positives.
* Developing and validating new detection rules with Senior Analysts.
* Mentoring Tier 1 Analysts and supporting training initiatives.
We are committed to Disability Confidence and neurodiversity. If you have a disability, please inform us of any reasonable adjustments needed during the application or recruitment process.