Cyber Security Analyst
Job Type: Permanent Full Time
Area: Buckinghamshire, United Kingdom
Our client, a leading provider of IT, Infrastructure & Security solutions, is looking for a Security Analyst to join their newly formed SOC. This SOC will provide 24/7 Incident Monitoring & Response services to a range of clients.
You will be responsible for monitoring customer networks and systems, detecting events and reporting on threats that are identified. You will also be responsible for escalating legitimate threats and providing awareness of false positives.
Key Responsibilities of the Security Analyst
- Working in a 24/7 SOC environment
- Monitor SIEM tools for suspicious events and anomalous activity
- Validate suspicious events and incidents, escalating those that require it and providing awareness of those that are non-incidents
- Document and manage incident cases in our ticket handling system
- Develop, build and implement use cases within the SIEM tool based on the customer's environment setup and needs
- Develop and deliver reports/visibility to customers in line with service definitions
- Report incidents to the customer in line with service definitions, and where appropriate provide guidance on corrective actions
- Interface with customers to resolve issues, provide additional information, and answer questions related to incidents and monitoring
- Maintain high levels of Incident ownership through the incident lifecycle to a satisfactory Customer resolution
- Work with and support our security engineering team in deploying, troubleshooting and managing the security platform for multiple customers
Skills and Experience required of the Security Analyst
- Passionate about Cyber Security
- 1-3+ years’ experience working in a similar environment such as SOC and performing incident response is preferred.
- Experience with attack vectors such as Malware, Trojans, Exploit Kits, Ransomware and Phishing techniques advantageous.
- Experience with analysing IT logs and event sources preferred.
- Ability to dynamically assess risks, threats & threat actors for new and existing customers.
- Strong communication skills, both written and oral, with the ability to translate technical information for a non-technical audience.
- Hands-on experience with SIEM platforms such as AlienVault, Security Analytics, Splunk or ArcSight, and with firewalls, intrusion detection/prevention systems, proxies, web applications and/or penetration testing beneficial.
- A capable individual who can effectively multi-task, prioritize work, and handle competing interests