Security Operations Analyst

London (Hybrid Working)
Permanent

Grade 4

Reporting to the Cyber Security Operations Analyst Lead, the Cyber Security Operations Analyst Level 2 will operate as a tier 2/3 Security Operations Centre (SOC) analyst, evaluating escalated incidents. The role uses threat intelligence and indicators of compromise (IOCs) to pinpoint affected systems and the extent of an attack, carries out in-depth analysis to identify the perpetrator, the type of attack, and the data or systems impacted, and creates and implements a strategy for containment and recovery.

You will be responsible for:

• Respond to escalated security events, alerts, and incidents
• Use knowledge and tooling to investigate security events
• Take an analytical approach to determine root cause and ascertain IOCs/IOAs
• Monitor toolsets and sensors to enrich analysis
• Correlate data to determine the impact of security incidents
• Deliver incident containment and resolution
• Discuss security events with stakeholders in Technology, the business and third parties to ascertain actions, impact, and remediation options
• Document post-incident analysis and recommendations
• Support the refinement and documentation of the above activities to ensure consistency in delivery and continual improvement of the process
• Support continuous improvement of security tooling and configurations

Required Skills & Experience:

• Previous experience of working in a Security Operations Centre
• Strong knowledge of networking concepts, including TCP/IP, routing and switching
• Strong ability to analyse and interpret security logs, alerts, and indicators of compromise (IOCs)
• Familiarity with common attack vectors, techniques, and tactics used by cyber criminals and threat actors, using SOC tooling such as SIEM and EDR, as well as open-source resources such as sandboxes, VirusTotal, etc.
• An understanding of security tools and technologies, such as WGW, WAF, IDS/IPS, firewalls, EDR, and encryption
• Knowledge of Windows, Linux, and UNIX operating systems
• Experience of the following would be advantageous: Data Loss Prevention (DLP) and e-discovery
• Strong communication skills, both verbal and written
• Ability to work independently and as part of a team
• Ideally holds a certification related to security operations (e.g., GCIH, GCIA, GCFA)

We're one team and we celebrate all of the great things you do. One way we show our gratitude is by giving you access to a range of lifestyle benefits, including:

• Private medical insurance
• Competitive pension scheme
• Access to discretionary company bonus scheme
• Life assurance
• Staff discounts and offers
• Hybrid working

Beyond that, we'll be with you every step of the way, enabling you to get the most out of your role. We're building a team that brings technology to people, making their lives better, easier and fuller, and you can be part of it.

#LI-Hybrid
#wheretechlovesunite

London, UK
Full-Time

Published on 25/05/2024