SOC Analyst

Posted 2 weeks ago by 1760101657

Negotiable
Inside
Onsite
Reading, Berkshire

Summary: The SOC Analyst role requires an experienced professional to lead investigations and remediation of complex security incidents for a key client. The position involves proactive threat hunting, incident forensics, and collaboration with various teams to enhance organizational security. The role mandates three days of on-site work in Reading and falls inside IR35 regulations. Candidates should possess a strong background in cybersecurity, incident response, and relevant technical skills.

Key Responsibilities:

  • Lead investigations and remediation of complex security incidents, including malware infections and data breaches.
  • Utilize advanced SIEM tools and threat intelligence platforms to analyze security alerts.
  • Take ownership of Tier 2-level escalations from Tier 1 analysts.
  • Proactively search for threats using behavioral analysis and threat intelligence data.
  • Perform in-depth forensic analysis to determine the scope and impact of security incidents.
  • Provide guidance on incident containment, eradication, and recovery processes.
  • Collaborate with internal stakeholders to improve overall security posture.
  • Stay updated with the latest cybersecurity trends and contribute to threat intelligence enhancement.
  • Create detailed incident reports and ensure proper documentation of incident response workflows.
  • Ensure compliance with industry standards and regulations during incident response activities.

Key Skills:

  • Bachelor’s degree in Computer Science, Information Technology, Systems Engineering, or a related field.
  • Minimum of 6-8 years of experience in cybersecurity, incident response, or threat hunting.
  • Strong experience in handling complex cyber incidents.
  • Hands-on experience with SIEM platforms and endpoint detection/response tools.
  • Proficient in incident response tools and techniques, including network and system forensics.
  • Expertise in analyzing threats on various platforms (Windows, Linux, cloud environments).
  • Familiarity with scripting languages (Python, PowerShell).
  • Certifications such as CISSP, GCIH, CFCE, GCFA, or GCIA are preferred.
  • Strong analytical thinking and problem-solving skills.
  • Excellent communication and collaboration skills.

Salary (Rate): undetermined

City: Reading

Country: United Kingdom

Working Arrangements: on-site

IR35 Status: inside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

SOC Analyst

Whitehall Resources currently require an experienced SOC Analyst to work with a key client.

**Please note this role falls INSIDE IR35**

**This role requires 3 days onsite in Reading weekly**

Your responsibilities:

Incident Detection and Response:
  • Lead investigations and remediation of complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs).
  • Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts.
  • Take ownership of Tier 2-level escalations from Tier 1 analysts and guide them through complex incident response procedures.

Threat Hunting & Analysis:
  • Proactively search for threats across the environment using behavioral analysis and threat intelligence data.
  • Analyze data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity.
  • Collaborate with other security teams to uncover hidden threats and vulnerabilities.

Incident Forensics:
  • Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents.

Remediation and Recovery:
  • Provide guidance on incident containment, eradication, and recovery processes.
  • Work closely with IT teams to implement remediation steps and ensure that compromised systems are properly cleaned and restored.
  • Collaborate with threat intelligence teams to identify indicators of compromise (IOCs) and ensure proper actions are taken to block further attacks.

Collaboration & Knowledge Sharing:
  • Work with internal stakeholders (e.g., IT, network security, DevOps) to improve overall organizational security posture.
  • Share knowledge, techniques, and findings with Tier 1 and Tier 3 teams to improve detection and response capabilities.
  • Participate in post-incident reviews and recommend improvements to processes, tools, and techniques.

Security Intelligence & Research:
  • Stay up-to-date with the latest cybersecurity trends, vulnerabilities, and attack techniques.
  • Contribute to the enhancement of threat intelligence by sharing research findings on emerging threats.
  • Develop and maintain custom detection signatures or playbooks to enhance detection and response capabilities.

Reporting & Documentation:
  • Create detailed incident reports, including technical analysis and recommendations for mitigation.
  • Present findings to management and external stakeholders, such as clients or regulatory bodies, when necessary.
  • Ensure proper documentation of incident response workflows, timelines, and action items for continuous improvement.

Compliance and Risk Management:
  • Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA).
  • Work with legal and compliance teams to manage incidents within the scope of data privacy laws and regulations.

Essential skills/knowledge/experience:
  • Bachelor’s degree in Computer Science, Information Technology, Systems Engineering, or a related field.

Experience:
  • Minimum of 6-8 years of experience in cybersecurity, with incident response, digital forensics, or threat hunting.
  • Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches).
  • Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools.

Technical Skills:
  • Proficient in incident response tools and techniques, including network and system forensics, malware analysis, and memory analysis.
  • Expertise in analyzing and responding to threats on different platforms (Windows, Linux, cloud environments, etc.).
  • Familiarity with scripting languages (Python, PowerShell, etc.) to automate tasks or create custom detection methods.

Certifications (Preferred):
  • Certified Information Systems Security Professional (CISSP)
  • Certified Incident Handler (GCIH, EC-Council)
  • Certified Forensic Computer Examiner (CFCE)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Intrusion Analyst (GCIA)

Analytical Skills:
  • Strong analytical thinking, with the ability to connect seemingly unrelated pieces of information to identify threats.
  • Excellent troubleshooting, problem-solving, and decision-making skills.

Soft Skills:
  • Strong communication and collaboration skills for working across various teams.
  • Ability to create clear, actionable reports and present findings to technical and non-technical stakeholders.
  • Ability to work in high-pressure situations and handle escalated incidents effectively.

All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description.

Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.