Our new position of SOC Shift Lead will be to conduct monitoring and triage of alerts associated with host and network security events for our client's critical infrastructure. You will support the SOC through both delivery of client work and adding skills and ideas to the already diverse team. This role is based on site Hemel Hempstead and is shift work: 2 days at 6am to 6pm, 2 nights at 6pm to 6am, 4 days off. Please note you do need to be eligible for DV Clearance for this role.
Responsibilities
* Monitor, triage, and investigate security incidents on critical client infrastructure.
* In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities.
* Line management.
* Maintain, improve, and develop team knowledge of SOC tools, security operations and triage.
* Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence.
* Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies.
* Represent the SOC within Partners meetings.
Qualifications
* Demonstrable experience in a Security Operations Centre.
* People management experience to help develop Analysts and lead careers.
* Demonstrable experience using Microsoft Sentinel and Splunk.
* Knowledge and experience with the Mitre Att&ck Framework.
* Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products.
* Good understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP.
* Eligibility for DV Clearance.
Desired Skills
* Static malware analysis and reverse engineering.
* Programming and scripting such as Python, Perl, Bash, PowerShell, and C++.
* CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications.
* Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar.
We are committed to equality of opportunity for all and do not discriminate on the basis of race, religion, colour, gender, age, disability, sexual orientation or marital status. We welcome applications from people with a diverse variety of backgrounds and identities.
Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety and security-critical markets.
#J-18808-Ljbffr