This job is no longer available.
You can view related vacancies or set-up an email alert notification when similar jobs are added to the website using the buttons below.

SOC Analyst

01/11/18_1541088274
£45000 - £70000 per annum

Managing this Role

image

Charlee Ryman

Associate Consultant - Cyber Specialist 0207 759 7878

Spending seven years in the Royal Navy as a warfare technician, Charlee uses his comprehensive military network and his deep technical expertise to quickly pinpoint the best cyber security professionals for leading employers of all shapes and sizes.

 

Roles recruited: SOC managers/analysts and cyber security analysts/consultants

Seniority: Junior-Senior

Job Type: Permanent

Geographical coverage: London

Market: Cyber security operations within MSSPs

Do you want to be apart of one of a few machine learning projects within the UK? My client is looking to build a brand new SOC capability to help support their incredibly successful product that is challenging the current industry and pushing all known boundaries.

Now our product is out in the market they have the need to build their Cyber Security/ SOC capabilities from scratch! You will be spearheading this role and will have the chance to be apart of a company with tremendous growth rate. You will carry out a generalist SOC role whilst helping my client develop and build a SOC function so experience is essential.

Your Role:

  • Using our platform to review the latest alerts and grade effectively
  • Responding to and investigating alerts and providing threat analysis
  • Liaising with customers to detail investigation outcomes and recommend quick and effective remediation methods
  • Producing reports on vulnerability Research, security Analytics, threat analysis, and digital network forensics up to board level
  • Assisting in the definition and implication of analysis procedures and protocols
  • Help assist us in finding the best way to improve our product.
  • Create and maintain operational reports for Key Performance Indicators and weekly and Monthly Metrics

Experience/Skills Sought:

  • Excellent knowledge of Intrusion Detection and prevention principles and various operating System knowledge
  • Ability to read and understand packet level data Intrusion detection and prevention and Network Security Products and Host Security Products.
  • Solid grounding in Protective Monitoring, Security Device Management, CIRT and Threat Intelligence experience
  • Knowledge of current Cyber Security threats and attack methods
  • Good understanding of a range of network and other protocols
  • Knowledge of TCPDump, WireShark, Snort, and/or other security tools highly desirable
  • Exposure on Vulnerability assessment and penetration testing or forensic analysis are an advantage
  • Industry recognised certifications e.g. CISSP, GCIA, GCIH, GCFA, GCFE, etc.

If you can see the bigger picture and want to be apart of something with real purpose and scope for development then this is the role for you! With a very competitive salary you will have no reason not to apply right now!

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.


This job has now been filled but you may be interested in:

 

Incident Response Team Lead

Incident Response Team Lead - London

We have partnered with a global Cyber Security Consultancy who are currently looking for an Incident Response Team Leader to compliment an already world class Incident Response team. This team respond to and contain security incidents for their clients with a particular focus on advanced targeted attacks.

Responsibilities

As a Team Lead you will focus on strategic initiatives and operational management to deliver sustainable capability improvement over time. Your key focus areas are innovation and optimisation of our services; development of junior team members; and coordination and integration with global teams.

While the role is predominantly managerial, for effectiveness it requires a strong technical background in Incident Response, and the Team Lead will be expected to be able to demonstrate experience dealing with many different types of compromises in different environments, including advanced nation state attacks.

Requirements

A deep understanding of the motivations and methods adopted by a range of threat actors with an understanding of how exploitation of systems occurs is essential. You will have experience in examining data from various sources including network traffic, volatile memory, host data, log files and other sources of information.

  • Significant industry experience as part of a CSIRT, Security Operations or Investigations team in a data regulated and mission-critical environment.
  • Experience responding to and containing live security incidents such as crimeware, data breaches and advanced targeted attacks following a standard incident handling lifecycle.
  • Solid understanding of technical and security domains fundamental to investigations and incident response, including:
    • Client-server infrastructures, security architectures and related logging and alerting
    • TCP/IP networking with the ability to perform deep-dive network forensic analysis
    • File-system analysis including FAT, NTFS, HFS and/or EXT2/3/4 and ability to find and extract common disk-based indicators of compromise
    • Windows, Linux and/or OS X internals with emphasis on memory structures and ability to find common memory-based indicators of compromise
    • Malware analysis activities using behavioural techniques. Ability to perform dynamic and static analysis is an advantage
  • Ability to report key findings in a clear and concise manner both at technical and senior management level.
  • Vendor independent qualifications in Incident Response and Forensics such as SANS and CREST.

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

SOC Analyst

Do you want to work with a team of experienced Network and Information Security Engineers? Are you ready to put your skills to the test whilst working for an incredibly successful MSSP who advise clients on Cyber Security on a Global scale?

You will be comfortable with working within a SOC and carrying out your normal routine of providing security analysis of customer security events using SIEM tools to monitor and manage systems, whilst assisting in vulnerability management for a portfolio of blue-chip and mid-market customers. You will also have a great work ethic and be willing to go the extra mile.

Whilst working in a 24/7 shift rotation pattern you will be interfacing with a varied array of personnel from infrastructure teams to Heads of operations. Travel to Client sites may also be required depending on work undertaken.

This role requires the following operational skills:

  • Good understanding of Network Security.
  • Ability to provide relevant and timely analysis and recommendations to customers based on analysis of events from a SIEM platform.
  • Customer-facing, with good report-writing skills and strong communication skills at all levels.
  • Ability to provide technical and service leadership to L1 and other L2 analysts. Be a thought leader in the SOC.
  • Ability to consistently deliver to deadlines while prioritising competing demands for time, without sacrificing quality.
  • Professional, hard-working and have the ability to pay attention to detail.
  • Good understanding of ITIL processes, including Change Management, Incident Management and Problem Management.
  • Willingness to share information, improve documentation, and train other analysts.
  • Ability to work on shift rotation

Additional Skill set:

  • Analysis of alerts arising from Security Event and Information Management tools, ideally based on HP ArcSight.
  • Vulnerability Scanning and reporting ideally based on Qualys. Prioritising and tracking remediation of vulnerabilities.
  • Experience of network-based User Behaviour Analytics (DarkTrace, ArcSight User Behaviour Analytics etc) advantageous but not essential.
  • Experience of packet-capture tools and analysis of packet flows advantageous but not essential.
  • Experience of security assessment and penetration testing tools advantageous but not essential.
  • Knowledge of Threat Intelligence Services advantageous but not essential.
  • Experience working with service providers and network management platforms (SolarWinds).
  • Microsoft data manipulation.

If you feel you are the right person for this role and you are ready to engage with a varied array of clients and test your skill set whilst working for this MSSP then get in touch now.

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.