Lead SOC Analyst – Shift Lead

Posted 1 week ago by BAE Systems on LinkedIn

Negotiable
Undetermined
Hybrid
Leeds, England, United Kingdom

Summary: The Lead SOC Analyst at BAE Systems Digital Intelligence is responsible for the day-to-day operations and continuous improvement of a dedicated Security Operations Centre (SOC) supporting a major UK Critical National Infrastructure (CNI) organization. This role involves monitoring, analyzing, and investigating security incidents within cloud-hosted environments, utilizing SIEM tools, and collaborating with various teams to enhance security measures. The position requires a hands-on approach within a 24/7 operational shift structure, necessitating SC clearance and readiness for DV clearance. The SOC aims to set a benchmark for best practices in cybersecurity defense against significant threats.

Key Responsibilities:

  • Prepare and deliver shift handover briefs to incoming teams.
  • Monitor, triage, analyze, and investigate alerts and network traffic to identify cyber-attacks/security incidents.
  • Categorize suspected incidents according to the Security Incident policy.
  • Recognize intrusion attempts and compromises through detailed analysis.
  • Write high-quality security incident tickets and assist with remediation activities.
  • Produce security incident review reports with recommendations for improvement.
  • Understand and utilize Threat Intelligence in operational environments.
  • Support incident response to national scale incidents in a coaching capacity.
  • Collaborate with other teams to improve services based on customer needs.
  • Develop new workflows for automation into SOAR tools for common attack types.
  • Continuously improve services and propose changes in response to evolving threats.

Key Skills:

  • Basic Python and/or scripting skills.
  • Experience with Windows, OS X, and Linux.
  • Proficiency in using Splunk and Sentinel.
  • Strong understanding of security architecture and networking.
  • Detailed knowledge of threat intelligence and threat actors.
  • Experience investigating complex network intrusions.
  • Understanding of TCP/IP layers and abnormal traffic identification.
  • Familiarity with AWS and/or Azure cloud services.
  • Client-side consulting and stakeholder engagement skills.
  • Coaching mindset and mentoring abilities.
  • Self-starter with independent working capabilities.
  • Team player in diverse and multi-disciplinary teams.

Salary (Rate): undetermined

City: Leeds

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT