SOC Analyst - Level 2
The role holder’s normal shift working pattern will be 4 days on 4 days off with shift hours of either 07:00-19:00 or 19:00-07:00.
Due to strong, sustained growth in its Managed Security Services business, CNS requires an experienced security professional who will be responsible for the security monitoring and log analysis of multi-vendor security solutions. Operating out of the CNS Security Operations Centre (SOC) located in Camberley, Surrey, the role holder will be expected to evaluate the type, nature and severity of security events (security assurance/security compliance) using a range of security event analysis tools. The role holder will have an excellent understanding of common security exploits, vulnerabilities and mitigation techniques.
The role holder will primarily use a SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention System) and NAC (Network Access Control) toolset to perform log analysis and monitoring, along with other security solutions to aid investigation and troubleshooting. The role holder will be expected to initiate appropriate incident response and corrective action as required, or as set out in the associated Service Level Agreement.
Level 3 SOC Shift Lead Duties:
- Hands-on experience with a variety of different IDS/IPS, NAC and SIEM products; 2 or more of the following:
- Knowledge of the common types of vulnerabilities and attacks, and the ability to perform IT security threat management tasks
- Perform operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources, including but not limited to events from SIEM monitoring tools, network- and host-based intrusion detection systems, firewall logs and system logs (Unix and Windows)
- Perform advanced diagnosis and remediation planning in response to security events & incidents
- Analyse security event logs and alerts to determine validity, priority and impact against both security best-practice countermeasures and client compliance obligations
- Monitor and use incident ticketing systems to log incidents and perform change activity
- Accept, manage and update service requests to ensure contracted SLAs are met
- Manage client expectations and escalate critical situations to appropriate levels of management
- Liaise with Field Engineering resources in the provisioning of high level security support to our clients.
- Manage vendor operational performance and drive vendor support relationships to achieve problem resolution
- Working knowledge of desktop word processing and communication software (Microsoft office, Visio, Project, PowerPoint, Excel etc.)
- Deep understanding of computer networking, routing and switching protocols
- Exposure to incident response and threat monitoring
- Familiarity with offensive attack sequences and defensible security practices
- Experience correlating security event data and leveraging SIM/SIEM frameworks
- Deep understanding of Unix/Linux and Windows operating systems
- Demonstrable experience of holding team supervisory duties
One or more of:
- CCNA, CISSP desirable
- SANS GIAC (GCIA, GCIH, GSEC) or similar certification desirable
- CEH, SSCP
- Offensive Security Certified Professional (OSCP)
- British Citizen
- SC Clearance
- Up to £35K (neg) based on experience
- Workplace Pension (3% Employer Contribution)
- Employee “Thanks Reward Scheme”
- Income Protection Benefit
- Death in Service Benefit
Please contact firstname.lastname@example.org for more information.
For further job opportunities follow us on LinkedIn