Senior SOC Analyst, West Midlands, 55,000 Plus Bonus

Recruiter
SmartSourcing Ltd
Location
Rugby
Salary
55000.00 GBP Annual
Posted
19 Oct 2021
Closes
25 Oct 2021
Sectors
Accountancy
Contract Type
Permanent
Hours
Full Time
Senior SOC Analyst - Protective Monitoring - Rugby, Warwickshire - 55,000 + Car Allowance + Holiday Bonus + Bonus

We are very proud to represent an organisation that is transforming emergency services, creating software and solutions spanning communications, video and managed services that help its blue light customers work more safely and efficiently.

You will work within the SOC to develop the cyber-response toolset and procedures, and perform operational response to incidents using those same tools.

You will be the SME for Protective Monitoring services within the team, helping to develop the core toolset and improvement strategy as well as building out their new capability, e.g. log source onboarding, use case development with service owners/customers, incident response playbook development, and automation and integration with other toolsets.

The role will also include service management of 3rd party Protective Monitoring suppliers, as well as being a key player in forming the future strategy for these services.

Key responsibilities:

Develop, operate and improve Protective Monitoring services, working closely with the SOC Lead, other internal teams and 3rd party suppliers.

SME for Protective Monitoring - log source management, improvement strategy, reporting, toolset development, automation/integration with other systems and intelligence feeds, log source onboarding.

Operational threat detection and response.

Required Skills and Experience:

Ability to create technical solutions for infrastructure and application components that successfully ingest, process and analyse security logging information.

Advanced experience in SIEM tools (LogRhythm, Splunk, BMC Defender) and other log collection/collation platforms.

5+ years of hands-on IT experience (helpdesk, network, administration, security), with a large part of this within a security role.

5+ years of experience developing and using SIEM tooling such as Splunk, LogRhythm or ELK.

Threat hunting

Log analysis

Development of intelligence feeds into detection use cases and security incident playbooks.

Experience with networking fundamentals (TCP/IP, DNS, DHCP, SIP and HTTP/S as a minimum).

Familiarity with the major operating systems, as well as network device operating systems.

In-depth knowledge of log delivery methods and protocols, and of the associated formatting, conversion and parsing (Windows Event Forwarding/Collection, Syslog, flat file, XML, regular expressions, Python).

Ability to piece together small pieces of information from multiple sources to tell a larger story.

Knowledge of major attack types and familiarity with MITRE ATT&CK or the Lockheed Martin Cyber Kill Chain.

For a full and detailed job specification including their excellent benefits package please apply!

Due to the nature of the role, candidates who either hold or are eligible for SC clearance will be preferred.
