This job is no longer available.

Level 2 SOC Analyst

JT2708_1566896248
£30000 - £34000 per annum

Managing this Role

Jake Taylor

Candidate Consultant - Cyber Specialist 0207 759 7878

A keen sportsman and captain of his local rugby team in Essex, Jake is naturally adept at spotting top performers. With a specific candidate pool from professional services, Jake sources the best cyber security talent for Magic Circle, Silver Circle and top 100 UK law firms.

 

Seniority: Mid - Level

Job Type: Permanent

Geographical coverage: London

Market: Cyber Security operations within the legal sector

Do you want to work with a team of experienced Network and Information Security Engineers? Are you ready to put your skills to the test whilst working for an incredibly successful MSSP who advise clients on Cyber Security on a Global scale?

You will be comfortable with working within a SOC and carrying out your normal routine of providing security analysis of customer security events using SIEM tools to monitor and manage systems, whilst assisting in vulnerability management for a portfolio of blue-chip and mid-market customers. You will also have a great work ethic and be willing to go the extra mile.

Whilst working in a 24/7 shift rotation pattern you will be interfacing with a varied array of personnel from infrastructure teams to Heads of operations. Travel to Client sites may also be required depending on work undertaken.


This role requires the following operational skills:

  • Good understanding of Network Security.
  • Ability to provide relevant and timely analysis and recommendations to customers based on analysis of events from a SIEM platform.
  • Customer-facing, with good report-writing skills and strong communication skills at all levels.
  • Ability to provide technical and service leadership to L1 and other L2 analysts. Be a thought leader in the SOC.
  • Ability to consistently deliver to deadlines while prioritising competing demands for time, without sacrificing quality.
  • Professional, hard-working and have the ability to pay attention to detail.
  • Good understanding of ITIL processes, including Change Management, Incident Management and Problem Management.
  • Willingness to share information, improve documentation, and train other analysts.
  • Ability to work on shift rotation

Additional Skill set:

  • Analysis of alerts arising from Security Event and Information Management tools, ideally based on HP ArcSight.
  • Vulnerability Scanning and reporting ideally based on Qualys. Prioritising and tracking remediation of vulnerabilities.
  • Experience of network-based User Behaviour Analytics (DarkTrace, ArcSight User Behaviour Analytics etc) advantageous but not essential.
  • Experience of packet-capture tools and analysis of packet flows advantageous but not essential.
  • Experience of security assessment and penetration testing tools advantageous but not essential.
  • Knowledge of Threat Intelligence Services advantageous but not essential.
  • Experience working with service providers and network management platforms (SolarWinds).
  • Microsoft data manipulation.

If you feel you are the right person for this role and you are ready to engage with a varied array of clients and test your skill set whilst working for this MSSP then get in touch now!

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.


This job has now been filled but you may be interested in:

 

Technical Security Architect

Are you looking for a position of importance? My client is looking for a Technical Security Architect to help provide resilience across their Cyber teams to ensure they maintain operational capability in the current security landscape. In this role you will support the services which provide data communications to various sites and systems as part of Business Infrastructure and Revenue earning systems. This is a highly technical role but one of vital importance to the day-to-day running of our client's business.

Key Responsibilities:

  • Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology, threat and customer drivers
  • Develop security strategy plans and roadmaps based on sound enterprise architecture practices
  • Develop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
  • Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
  • Participate in application and infrastructure projects, and commercial product/service development activities to provide security design and consultancy advice
  • Draft security procedures and standards to be reviewed and approved
  • Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, identity and access management (IAM) and cyber products and services
  • Develop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria
  • Conduct or facilitate threat modeling of services and applications that tie to the risk, data and industry drivers associated with the service or application
  • Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
  • Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems for both internal and commercial utilisation
  • Review network segmentation to ensure least privilege for network access
  • Liaise with the Procurement team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data:
    • Software as a service (SaaS) providers
    • Cloud/infrastructure as a service (IaaS) providers
    • Managed service providers (MSPs)
    • Payroll providers
  • Evaluate the statements of work (SOWs) for these providers to ensure that adequate security protections are in place. Assess the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls" and report any findings to the Director, Security Engineering and Procurement teams
  • Support the testing and validation of internal and commercial security controls, as directed by the Director, Security Engineering
  • Review security technologies, tools and services, and make recommendations to the broader security and product development teams for their use, based on security, financial, operational and commercial metrics

QUALIFICATIONS

Essential Knowledge and Skills:

  • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired.
  • Formal training in a relevant enterprise architecture methodology (for example, the Zachman Framework or TOGAF).
  • Strong combined IT and security work experience, with a broad exposure to infrastructure/network and multiplatform environments.
  • Knowledge of security issues, techniques and implications across all existing computer platforms, including datacenter, networks, cloud (IaaS/PaaS/SaaS), micro-services and emerging/maturing technology platforms.
  • Experience in using an enterprise architecture methodology (for example, Zachman, TOGAF and Gartner frameworks).
  • Knowledge of a security-specific architecture methodology (for example, SABSA).
  • The role is involved in projects or issues of high complexity that require in-depth knowledge across multiple technical areas and business segments.

This is an exciting opportunity to join a global organisation and to find out more apply today!

Blackthorn Trace, trading name of Huntress Search Ltd, acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.


Application Security Specialist

Blackthorn Trace are working with one of the world's largest online ticketing providers. Operating in over 45 countries they have over 80 million visits to their website/app each month. They are now looking to add to their current security team after phenomenal growth in recent years.

Their application security team works closely with development and operations to build security into applications and support processes. They provide assurance in the application lifecycle in various areas, including design reviews, supporting automated code scanning, performing targeted application vulnerability assessments, and ethical hacking across systems.

Key Responsibilities

  • Ensuring ongoing security of multichannel operations covering ecommerce, mobile, and customer relations
  • Helping to embed security in the development and operational lifecycle, and showing continued security value by presenting risk from the customer and business perspective
  • Ensuring teams have what they need to deliver secure code and applications including the skills, tools and training
  • Static and dynamic security testing including code scanning, hands on targeted assessments and ethical hacking
  • Ownership of security toolsets for the discovery and investigation of potential vulnerabilities and activity monitoring
  • Reviewing and advising on application architecture and designs
  • Acting as security evangelist and 'mentor' to the business and development teams

Knowledge & Experience

  • Excellent skills in penetration testing
  • Experience working with external pen testers
  • A thorough knowledge of cyber and information security
  • Experience or working knowledge of a variety of SAST and DAST security tools
  • Hands on exposure with web application firewalls
  • Knowledge of infrastructure security scanning software
  • Knowledge of secure development practices
  • Able to analyse technical data to decipher, prioritise and act upon findings
  • Knowledge of software security standards
  • Knowledge of current information security standards and regulations

The team you will be joining are extremely passionate about the company and the industry. They are looking for a very personable and proactive candidate to join their family. If you are looking to join a company that offers clear progression and development for the future then please get in touch now!


Security Design Specialist

We are looking for a Security Design Specialist to join our client, who are undergoing a massive transition. They are looking to transform their security posture and bring in a specialist team of Architects to assist them. It will be down to you and the team to ensure the confidentiality, availability and integrity of the system whilst providing technical security advice. You will also have a say in the future tooling and systems used and in how to improve security processes in the future.

JOB ACCOUNTABILITIES

  • Responsible for technical assurance of security systems, infrastructure, applications and solutions, aligned to IT strategy and security standards

  • Responsible for establishing and maintaining security standards, processes, procedures and guidelines related to security architecture and Technical Design Authority process

  • Provide IT teams with security focused technical consultancy to ensure compliance with security policies, standards and regulations

  • Input into RFI and RFP technology/vendor selection, ensuring solutions embed and meet security requirements and are secure by design.

  • Contribute to and implement strategies for embedding relevant security policies and security technical standards in projects and services

  • Ownership of the design and configuration requirements for operational security systems and platforms

  • Responsible for continuous improvement of security services and contribution to the security architecture roadmap

  • Retain a working knowledge of related security technical areas such as application, network and host, to enable effective liaison with other technical groups and protection of Sensitive Information.

  • Produce and disseminate management information in relation to security technical architecture, technical assurance of projects and all associated solutions

  • Establish mechanisms, behaviours and culture to encourage the protection of their information and information systems.

  • Work closely with enterprise architects, solution architects, technical architects and other senior IT designers to ensure all services are 'Secure by Design'

KEY SKILLS REQUIRED

  • A thorough understanding of the security threat landscape, significant risks, technical developments and directions.

  • Demonstrable experience of working in a security architecture team

  • Depth of experience in IT Technical Security, including time as a security senior practitioner

  • Experience of security systems and controls, including vulnerability management, web content filtering, intrusion prevention, SIEM, email security, DLP, NAC, IAM, O365, AWS, SDLC, SAST, DAST, SecDevOps tool chain and Web Application Firewalls

  • Ability to harness the commitment and contribution of team members outside of direct span of control

  • Ability to conduct research into security technical platforms and evaluate capabilities

  • Ability to build strong relationships and influence decisions with internal and external stakeholders.

  • Familiarity with patterns, practices and frameworks of Enterprise Architecture

  • Certified Information Systems Security Professional (CISSP)

  • Certified Information Security Architecture Professional (CISSP-ISSAP)

  • Certified Secure Software Lifecycle Professional (CSSLP)

  • Certified Cloud Security Professional (CCSP)

This is an exciting opportunity to join our


SOC Manager

As a member of the Information Security - Security Operations team (InfoSec SecOps), you will maintain the confidentiality, availability and integrity of our information and information systems. This will primarily be achieved through identification and mitigation of risk through security systems management and incident management.

Reporting to the Head of IT Security, this role leads a team of Security Support Analysts, Threat and Vulnerability Managers along with Security Engineers. It also has accountability for the strategic relationship with several Security 3rd party suppliers.

Role responsibilities

  • Manage, lead and develop a high-performing team of security analysts and a vulnerability manager
  • Accountable for ensuring the team is adequately resourced and skilled to meet demand and 24 x 7 cover
  • Accountable for the delivery of a security operations capability and recommending operational security improvements to other IT teams.
  • Ensure clear strategies are in place for embedding operational security controls, aligned to relevant security policies and technical standards
  • Produce and disseminate management Information in relation to security incidents and the performance of technical Information Security controls
  • Manage all Security Operations 3rd Parties in ensuring they deliver value for money.
  • Lead the investigation and resolution of security incidents, root cause analysis and service improvements
  • Prepare reporting material for periodic security groups
  • Lead and direct the team and other IT areas to address timely remediation of identified vulnerabilities
  • Monitor security threats and known vulnerabilities to ensure that appropriate operational security controls are working effectively to prevent, detect and respond to security events and alerts
  • Demonstrate the efficiency and effectiveness of security operational controls, and ensure that security control performance is optimal
  • Develop and operate processes and procedures that counteract potential threats and vulnerabilities

Role Requirements

The successful candidate will have the following skills and experience:

  • A thorough understanding of the Information security threat landscape, significant risks, technical developments and directions.
  • Strong interpersonal and management skills are essential.
  • Depth of experience in IT Technical Security, including time as a security principal practitioner
  • Experience of managing a managed security service provider
  • Experience of using forensic investigative techniques
  • Experience of using threat intelligence systems and services
  • Experience of vulnerability management
  • Direct experience of leading a security operations team
  • Experience of leading response and management of security incidents
  • Demonstrable experience in the identification and implementation of information security technical controls
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • ITIL v3
  • SFIA. level 5, Master
  • IISP. Level 5, Principal Practitioner


Security Analyst

My client provides an elite threat detection capability to a large array of clients using the latest tooling to help detect and respond to the latest threats. Using these tools provides my client with the capability to detect both internal and external threats.

This is your chance to provide an elite threat detection service to a broad spectrum of clients. Given my client's rapid growth, you will also be exposed to a level of career progression that is hard to match.

The Role

As a Cyber Security Analyst you will have the ability to monitor the networks for threats and report your findings to all audiences.

You will be expected to monitor the client's assets and environments using our high-end security tools, identifying, analysing and alerting clients to existing and emerging threat actors. The following will be the main focus of the role:

  • Perform detailed network analysis to identify potential threat actors.
  • Create clear, concise and analytical reports on threats.
  • Keep on top of current threats and inform clients of the risk.

Key Skills

You will need to be a quick thinker who can quickly analyse threats and the impact they will have. You will have the ability to think of ways to prevent future attacks and to be one step ahead of the threat at all times.

  • Knowledge of current Cyber Threats.
  • Understanding of typical malware functionality and capabilities.
  • Understanding of tools used with Blue Teams.
  • Packet Capture experience.
  • Familiarity with typical security technologies such as firewalls and SIEM tools.
  • An understanding of large scale networking technologies.
  • Windows and Linux exposure.
  • Scripting exposure - Python and Bash.

If you can demonstrate that you have knowledge of current Cyber Threats, and the ability to discuss Cyber Security concepts revolving around Network IDS and malware, then apply now to be a part of this professional team!
