Security Analyst – SIEM (Shift pattern)

  • Term: Permanent
  • Location: Buckinghamshire
  • Salary: £35,000
  • Job Reference: R/045475

Security Analyst – SIEM (Shift pattern – 4 days on, 4 days off)

£35k (rising to £45k in August)

The role:

As Security Analyst you’ll be supporting security threat monitoring, detection, event analysis and incident reporting within a 24/7 Operations Centre environment. Operating on a 12-hour shift rota, you’ll be responsible for monitoring customer networks and systems, detecting events and reporting on all threats that are directed against those systems regardless of their classification level or type; analysing events to work out those that qualify as an actual security incident as opposed to non-incident or false positives.

The duties:

– Monitor our SIEM Management tool for suspicious events and anomalous activity

– Triage events for criticality

– Validate suspicious events and incidents by using open-source and proprietary intelligence sources

– Document and manage incident cases in our ticket handling system

– Develop, build and implement use cases within the SIEM Management tool based on customer environment set up and needs

– Develop and deliver reports/visibility to customers in line with service definitions

– Report incidents to the customer in line with service definitions, and where appropriate provide guidance on corrective actions

– Interface with customers to resolve issues, provide additional information, and answer questions related to incidents and monitoring

– Maintain high levels of Incident ownership through the incident lifecycle to a satisfactory Customer resolution

– Working with and supporting our security engineering team with deploying, troubleshooting and managing the security platform for multiple customers

The requirements:

– Passionate about Cyber Security

– Demonstrable experience working in a similar environment such as – SOC/Technical Security role (not necessarily a SOC) and performing incident response is preferred

– Experience with attack vectors such as Malware, Trojans, Exploit Kits, Ransomware and Phishing techniques advantageous

– Experience with analysing information technology logs and event sources preferred

– Ability to dynamically assess risks, threats & threat actors for new and existing customers

– Possess a working knowledge of network communications and routing protocols (TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS).

– Hands-on experience with SIEM platforms, such as Alien Vault, Security Analytics, Splunk, or ArcSight, Firewalls, Intrusion Detection/Prevention Systems, Proxies, Web Applications, and/or Penetration Testing beneficial

– Strong communication skills, both written and oral, with the ability to translate technical information for a non-technical audience

– A capable individual who can effectively multi-task, prioritize work, and handle competing interests

– Customer focused and proactive in following up on (customer) issues

Apply for this position now
