£0.00 - £46.00 per hour
When required perform initial triage/identification of 'Events of Interest' using the SOC toolset
Complete analysis/correlation of 'Events of Interest' to identify incidents
Ensuring that all events, events of interest, exceptions & incidents are responded to in accordance with established SOC work instructions, including remedial action/recommendations.
Create and follow Playbooks
Complete post incident reporting.
Provide log analysis to support SOC services (including threat hunting)
Responsible for SOC work instructions, ensuring they are reviewed & amended.
Maintain currency in security concepts, tools and best practices
Produce reports (as per templates) & vulnerability/trending analysis as requested by UK SOC Mgr or key stakeholders.
Present & review reports to internal & external key stakeholders
Complete tooling configuration changes including but not limited to filters/tuning/dashboards as authorised.
Carry out minor tool maintenance as directed by SOC lead engineer.
SIEM - ArcSight Analyst
In depth knowledge of Intrusion Prevention Systems (Analysis)
Firewall / Cisco ASA
ITIL Fundamentals (or equivalent)
CompTIA Security+ (or equivalent)
CompTIA Network+ (or equivalent)
Wireshark Packet Analysis
SANS SEC401: Security Essentials (or equivalent)
SANS SEC503: Intrusion Detection in-depth (or equivalent)
SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (or equivalent)
SANS SEC401: Security Essentials
Ethical Hacker (CEH)
Cisco Certified Network Associate CCNA
FIAHMG - Fundamentals of Information Assurance in HMG (leading to CCP)
CREST (Registered Intrusion Analyst) (CRIA)
SANS SEC501: Advanced Security Essentials
All Analysts/Engineers from level 2 onwards are expected to be able to present and write professional reports to key.
All staff are expected to exercise good time management and to work as part of a team.