Security Operations Analyst

Job Description

Role Responsibilities

Essential:

Security Monitoring
• Monitor a wide variety of security tools directly and via the SIEM as necessary to detect cyber attacks and other unauthorised activity.
• Assist with the creation and refinement of security monitoring rules, techniques and processes.

Incident Management
• Gather data and perform the initial analysis for newly discovered security incidents, classifying and triaging as appropriate.
• Investigate and resolve security incidents both independently and in collaboration with the wider SOC team.
• Ensure accurate logs are kept of all actions taken during incident response activities, and produce a final report detailing the incident timeline when required.
• Actively participate in post-incident process improvement and reporting activities.

Vulnerability Management
• Perform regular and on-demand automated vulnerability scans and interpret the results for affected teams and asset owners.
• Track remediation activities, provide remediation assistance where required, and ensure vulnerabilities are closed within the defined time limits.

Security Policy Review and Maintenance
• Perform regular reviews and audits of technical security controls, including firewall policies, DLP policies, Active Directory permissions, and SIEM log collection.
• Help meet company compliance requirements by supporting internal and external audits, risk assessments and reviews.
• Assess requests for exceptions and whitelisting in security controls (such as firewalls, web proxies, DLP, etc.) and approve or deny them according to defined guidance.

Reporting & Documentation
• Assist with the preparation of regular reports and the collection of defined metrics.
• Take part in the creation and continual improvement of SOC process and procedure documentation, as well as the refinement of manual and automated workflows and playbooks.

Projects
• Perform short tasks and work on more complex projects as required to assist and improve the effective operation of the SOC, such as testing and evaluating potential tools and services, assessing the impact of IT changes, optimising existing tools, collaborating with external teams, and other tasks.

Qualifications

Essential:
A university degree in one of the following fields is preferred (but not required):
• Cyber / Information Security, Digital Forensics, Ethical Hacking
• Computer Science, Software Development, Network Engineering
• Mathematics, Physics and other STEM subjects

Desirable:
Other desirable certifications include:
• CISSP
• CEH, CREST, OSCP
• Security+, Network+
• Vendor certifications for Microsoft, Linux, cloud, networking or security products

Personal Attributes
This will be a busy role in a team, so the successful candidate's behaviours will need to be strongly aligned to our values:
• Champion the client: customer service is a passion, cultivates trust, has clarity and communicates well, works with pace and momentum
• Lead the way: innovative and resilient, strong learning agility and curiosity
• Love what we do: conscientiousness (high self-discipline, carefulness, thoroughness and organisation), flexible and adaptable

Number of openings