SOC Analyst
Posted 4 days ago by Endeavour Recruitment
£85 Per hour
Inside
Undetermined
Stevenage, Hertfordshire
Summary: The SOC Analyst role is focused on supporting the cyber security operations centre (SOC) in Stevenage, primarily involving threat detection and analysis. The position requires collaboration with senior SOC analysts and other teams to counter cyber threats effectively. The role includes monitoring, alert triage, and incident response within a 24x7 operational environment. Candidates should possess a strong background in cyber security and relevant technical skills to succeed in this dynamic role.
Key Responsibilities:
- Support the SOC Manager in countering cyber threats and operational functions of the UK SOC.
- Conduct analysis, monitoring, reporting, alerting, and investigation activities using various security platforms.
- Perform effective Tier 1 to 2 alert triage of security events.
- Monitor Cyber Security tools and SOC email notification mailboxes.
- Assist with the maintenance of security technologies and project activities.
- Engage in proactive threat hunting in collaboration with the CTI function.
- Ensure timely triage and remediation of incident or request tickets raised to the SOC.
- Participate in adding/removing URLs from the AcceptList and BlockList.
- Attend routine security meetings and conduct activities in line with SOC Maturity and continuous improvement.
Key Skills:
- Background in Cyber Security with experience in Network Security and Infrastructure.
- Knowledge of IT Security standard methodologies and OSI Reference Model.
- Experience with Security Information Event Monitoring Tools and Network Packet Capture tools.
- Hands-on experience with IDS/IPS technologies and threat hunting activities.
- Strong analytical skills and understanding of Defensive Cyber-attack methodologies.
- Good communication skills for liaising with business and suppliers.
- Desirable: Root cause analysis, detection engineering, and scripted automation experience.
Salary (Rate): £85/hour Umbrella Inside IR35
City: Stevenage
Country: United Kingdom
Working Arrangements: undetermined
IR35 Status: inside IR35
Seniority Level: Senior
Industry: IT
SOC Analyst (mid to senior) 8 heads across mid-senior
Stevenage only
SC to start (DV in long run)
Shift patterns:
Blocks of 4-5 days on & 4-5 days off.
Either early, lates or nights across the shift blocks (rotating).
2 weekends per 28 days.
28 hours per week
PAY RATE: (UMBRELLA INSIDE IR35)
Senior level= £680pd; £85 UMB
Mid level= £45 UMB
Job Title:
SOC Analyst
Overview of department:
An opportunity has arisen in the cyber security operations centre (SOC) within Information Management (IM) for a SOC Threat Detection Analyst. Supporting the Senior SOC analysts in assisting IM meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC.
Responsibilities:
- To support the SOC Manager in assisting Information Management UK meet the challenges and demands of countering the Cyber Threat. Support for the operational functions of the UK SOC. To work with other UK SOC members, including the UK InfoSec Team and the IM Domains (Customer Support and Infrastructure/Information Systems).
- It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies.
- The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an Embedded member of staff.
- The SOC Analyst key responsibilities are:
- Effective Tier 1 to 2 alert triage of security events
- Monitoring of Cyber Security tools
- Monitoring the SOC email notification mailboxes
- Assists with the maintenance of Security technologies
- Assisting the SOC Solutions Lead with project activity
- Assist proactive threat hunting in collaboration with the CTI function
- Assist IR in HR and InfoSec related investigations
- Ensure the timely triage and remediation of any incident or request tickets raised to the SOC
- Participate in the activity of adding/removing URLs from the AcceptList and BlockList
- Attend routine security meetings
- Conduct activities in line with SOC Maturity and continuous improvement
Skillset/experience required (Baseline):
- A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications.
- Knowledge of IT Security standard methodologies.
- Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S.
- Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools.
- Hands on experience with IDS/IPS technologies and threat hunting activities.
- Strong analytical experience and mind-set.
- Experience within Defensive Cyber-attack methodologies and frameworks.
- Understanding of Malware capabilities, attack vectors, propagation and impact.
- Good communication skills liaising with the business and suppliers.
Desirable Skillset/experience (Senior grade):
- Root cause analysis and leading T2 incident investigations
- Process/Playbook/Runbook development
- Working knowledge of detection engineering, false positive improvements
- Capability to tune SIEM rules or create custom detections
- Scripted automation experience eg Python, SOAR, PowerShell
- Threat modelling and Hunting methodologies