SOC Analyst - Fully remote UK (£50,000 - £70,000 + Bonus)
You will be responsible for monitoring the client's network and endpoints for security alerts, investigating incidents, and assisting in incident response. You will also play a vital role in maintaining and optimizing our security information and event management (SIEM) platform. While previous experience in a Managed Security Service Provider (MSSP) environment is advantageous, it is not a strict requirement.
Key Responsibilities
* Utilize a SIEM platform (LogRhythm) to monitor the client's network and endpoints for security alerts, and conduct thorough investigations when incidents occur.
* Serve as the first-tier responder for incident analysis and investigation, escalating issues as necessary.
* Contribute to containment strategies during security incidents, data loss, or breaches.
* Assist in the design and implementation of SIEM use cases to enhance detection capabilities.
* Ensure the SIEM platform's health through daily checks and proactive maintenance.
* Employ various applications and systems, including firewalls, IDS, NAC, and encryption programs, to protect sensitive data and perform deeper investigations.
* Collaborate closely with the SecOps Team and engage with specialists to support security control operations.
* Assist in preparing reports documenting security incidents and their impact.
* Support Senior Security Analysts by providing guidance on threats, vulnerabilities, and security changes.
* Stay updated on the latest information security trends to assess their potential impact on the client's environment.
* Participate in an on-call incident response team on a rotational basis (fortnightly).
* Generate relevant reports, including end-of-day summaries, handover reports, management intelligence, and threat and risk analyses.
* Liaise with third-party vendors when necessary to troubleshoot SIEM platform issues.
* Ensure all deliverables align with agreed-upon KPIs and SLAs.
* Follow the lead analyst's direction on the account(s) and assist with other services as required.
Qualifications
* Solid knowledge and understanding of the IT industry and its business needs.
* Strong grasp of information technology and information security concepts.
* Familiarity with security risks and preventive controls.
* Understanding of firewalls, IDS and NAC, as well as McAfee ePO and HIPS (advantageous).
* Excellent comprehension of security operational processes and controls.
* Knowledge of the Cyber Kill Chain, malware toolkits, attack surface, and attack vectors.
* Familiarity with processes for malware analysis and reverse engineering.
* Effective communication skills, with the ability to engage with stakeholders at varying operational levels.
* Team player with the ability to work independently.
* Willingness to follow established processes and enhance them as needed.
* Industry-recognized accreditation or higher education qualification, such as a Cyber Security-related degree, Network+, Security+, ITIL, or equivalent demonstrable experience.
* Experience working in compliance-driven environments, such as PCI DSS, FSA (UK), and ISO.
* Applicants must be UK-based and able to pass a 3-year security background check.
Required Experience
* 2 years of proven experience in a similar role, preferably within the Managed Security Service industry.
* Experience providing Managed Security Services or working in Threat/Risk Management environments, with a preference for SIEM platform exposure.
* Proficiency in monitoring security events, analyzing alerts, and managing security incidents, including incident prioritization and escalation.
* Knowledge or experience with Threat Detection and Hunting methodologies.
* Experience supporting Incident and Change Management processes.
Desired Skills and Experience
SIEM / SOC / Threat Hunting / Cyber Security / QRadar