SOC Analyst

Overview:

We are a technically focussed solutions business and we pride ourselves on delivering innovative, elegant technical solutions that address business needs, and drive digital transformation for our customers.

The Analyst will work with a wide array of tooling and services at their disposal. They will be responsible for developing SIEM and EDR platforms, conducting security investigations, supporting major security incidents, and continual improvement of the security posture for both ourselves and our customers. 

Core Responsibilities:

•    Assisting with the onboarding of customers into the SOC/SIEM 
•    Developing new detection rules for SIEM
•    Responding to alerts generated by our SIEM solutions, the role is responsible for the initial analysis and triage of unusual and anomalous behaviours within our information systems
•    Proactively hunting for threats and issues that may exist within our information systems
•    Working with Incident Response team members to support the containment and resolution of security incidents

Essential Criteria:

•    Experience working in a Security Operations Centre
•    Demonstratable experience working with SIEM, EDR and Vulnerability Scanning tools (preferably Microsoft Sentinel, Defender) 
•    Experience developing SOC triage runbooks 
•    Experience setting up data connectors, integration with third party APIs and apps
•    Experience developing and implementing use cases to support analytics and threat hunting
•    Experience of fine tuning SIEM platforms to reduce false positives and improve automation
•    Certifications in the field of cyber security
•    Strong analytical skills and the ability to problem solve
•    Resilient, staying calm under pressure and being able to prioritise workloads

Desirable: 

•    Experience with KQL (Kusto Query Language)
•    Experience in documenting procedures, high level designs etc.
•    Experience in coaching/mentoring colleagues