Talentworx have partnered with a Cyber Security technology and service provider headquartered in Gloucestershire. They are looking to add a SOC Analyst to their current team of 11, with the primary aim being to undertake and support the response to a cybersecurity event or incident as well as support other cyber services within the business.
Additionally, you will be helping with the monitoring of information security controls within the business by analysing alerts received in line with our information security policies and practices and dealing with any/all security incidents.
Additional Training Budget
~26 days Annual Leave + Bank Holidays
~ Private Healthcare + Other Benefits
~ Hybrid Role working - The SOC team operates out of Manchester, however they are yet to have a defined office premises. Therefore they currently are extremely flexible with regards to in-office working and expect to move to 2 days a week on-site when they secure new premises.
~5 hours per week within a UK based rapid growth Cyber Business with a diverse client base + Early finish 1 day per week.
~ Vendor training and internal skills and knowledge transferring
Knowledge of security methodologies for investigation
Internal Security and Log Management
Dark Web monitoring service
Client Risk Compromise and Supply Chain Risk
CIS Based Gap analysis with our customers reviewing key parts of their cyber stack.
Use raw log sources and other security and operational tools to monitor and analyse the security posture of the IT estate and identify anomalous activity and behaviours.
Produce incident reports to present activity and outcome of operational security services and activity.
Aid with the investigation of security breaches following established procedures and make sure any recommended follow up actions are taken to ensure a reduction in the likelihood of reoccurrence.
Make sure that all security incidents have been correctly prioritised and diagnose in according to agreed procedures.
Make sure security incidents have been documented and closed according to agreed procedures.
Serve as a backup for security operations emergency response.
Information security
Use security tools and, where appropriate, develop scripts of your own tools to assist with the ongoing analysis of a security event or incident.
Provide advice and guidance to other teams within the business on good practice and maintain relevant and current industry knowledge.
In relation to active incidents, implement effective security controls to protect core business processes and data.
Oversee, in relation to active Incidents, the operation and optimisation of security tooling/products, including network security (IDS/IPS/Firewalls), logging and auditing, event and incident management, and privileged access management controls.
Act on security incidents, requests and events to ensure that threats, vulnerabilities and breaches are managed to minimise impact to confidentiality, integrity and availability of systems and data.
Understand the requirement for and be able to assist in the creation of security risk, vulnerability assessments, and business impact analysis as required.
Security administration
Oversee the operation or support the operation of tools that contribute to effective security.
Take responsibility to make sure that the onboarding of any enhancements to the security tools, including deployment and on-going management and maintenance is completed.
Undertake periodic reviews of relevant information security policies and baseline control standards, by influencing required additional and updated controls based on the content of internal and external audit reports, trends derived from security operations, information from project-based activities and incident resolutions.
QUALIFICATIONS, TRAINING AND EXPERIENCE (E= Essential. You will (ideally) hold, at least, one or more of the following security certificates:-
Networks,
understanding the business application of them and able to identify a balance between the management of risk and the capability for the business to continue to operate.
Communicates fluently, orally and in writing, and can present complex information to both technical and non-technical audiences.
Experience of Security Monitoring tools.
Experience of Vulnerability Management and Threat Intelligence.
Knowledge of perimeter and host security intrusion techniques.
Knowledge of commonly accepted information security principles and practices, as well as techniques attackers, use to identify vulnerabilities, gain unauthorised access, escalate privileges and access restricted information.