Main job function
Our client, a managed IT Support & Services company based in the UK, is currently seeking an L2 SOC Analyst.
The main role of the L2 SOC Analyst is to provide Level 2 support and escalation capability to the SOC, and to carry out day-to-day threat hunting and investigation.
The L2 SOC Analyst will also help drive the SOC's compliance and strategy, using the company's tooling to develop and improve the services delivered to clients and to ensure a proactive, high-quality service for all SOC clients.
· Ongoing threat hunting for clients and internally for the company
· Automating tasks, alert and report creation on SOC activities.
· Continuous monitoring of and action on internal and client security systems.
· Detecting and responding to security events and protecting information assets.
· Assisting in delivering security services and products to clients.
· Assisting with improving internal SOC processes and procedures.
· Contributing to the improvement of information security within the company.
· Communication with customers as required: keeping them informed of incident progress, notifying them of impending changes or agreed outages, etc.
· Incident response and investigation, including owning incident playbooks.
· Product investigation and testing for the SOC.
· Supporting the wider Security Operations team with out-of-hours incidents by participating in an on-call rota.
· Coaching and mentoring junior analysts.
· Desirable Qualifications
- Cyber security related certifications.
- Microsoft Security stack certifications:
o MS AZ-900 (Azure Fundamentals)
o MS AZ-500 (Azure Security Engineer Associate)
o MS SC-200 (Security Operations Analyst Associate)
o MS SC-300 (Identity and Access Administrator Associate)
o MS SC-400 (Information Protection Administrator Associate)
- CompTIA Network+
- CompTIA Security+
- Other technical security and vendor qualifications are a bonus.
- Mimecast certified
· Experience in the following is required
- SOC operations and tools (SIEM, EDR, etc.)
- Vulnerability management experience
- MSP/MSSP experience
- Microsoft security stack (Intune, Azure, Defender for Endpoint (formerly Defender ATP) and the wider Defender suite)
- 3+ years in a SOC environment
- Threat Hunting
· Experience in the following is desirable
- Microsoft Azure Sentinel (now Microsoft Sentinel)
- Scripting (PowerShell, Python, regular expressions)
- Other security tools are a bonus.
- Control frameworks (ISO, PCI DSS, CIS and/or NIST)
- Working with a remote team
- 5+ years in a cyber security environment
- Endpoint Protection, Cloud Security, Security Information and Event Management (SIEM), Managed Anti-Virus Services, CASB, Data Loss Prevention
- Threat and security research and investigation
- Ability to provide information, audits and reporting for supported technologies.
- Presenting on risk findings and vulnerabilities in a client environment
- Developing and implementing security controls and mitigation measures that address threats and vulnerabilities in client environments
- Ability to produce root cause analysis and reporting on events
- Facilitating the analysis of a client's threat landscape during cyber-attack activity.
· Soft Skills
- Ability to communicate with all levels of a client’s employees.
- Ability to present to C-level executives in a clear, concise and definitive way.
- Comfortable interacting with a remote team.
- Passion for all things cyber security related.
- Desire to protect clients and deliver value.
- Organised and detail-oriented.
A Consultant will be in touch if you are shortlisted for the position. Please consider your application unsuccessful should you not have been contacted within 2 weeks. We will keep your CV on our database and contact you should you match the criteria of any other vacancies.