Join us now, as the Security Operations Centre Team is growing. We are looking to recruit a candidate with SIEM / SOC experience to join the team and become a Security Analyst.
WHO ARE WE?
Our success over the last 25 years and our ongoing growth can be attributed to our people and our strong culture. Culture and engagement really are part of our DNA here at Creditsafe, and we take pride in making Creditsafe a great place to work. It’s important to us that people can be themselves, feel a sense of professional and personal growth, and feel part of a global community.
We offer a varied range of benefits that support a good work-life balance, including a hybrid approach to work, which enables you the flexibility needed to thrive.
THE TEAM
Creditsafe’s Information Security and Compliance team is motivated by protecting company reputation, safeguarding existing revenue, and supporting the generation of future revenue. We realize that security can often be misunderstood, so our approach is enabling new and existing customers to interact with our products and services. We pride ourselves on balancing a positive security culture with a robust control environment. Our responsibilities include setting security policies, educating users on good security practices, managing security risks, and auditing our security posture. We interact with various teams, both internally and externally, and we aim to be as helpful and supportive as possible. Outside of security, we’re passionate about a combination of sport, music, coffee, dogs, and memes.
JOB PROFILE
Reporting to the Security Operations Manager (Cardiff Bay), the SOC analyst will operate a SIEM platform as part of a SOC team to directly protect Creditsafe’s brand and reputation. The primary responsibilities are outlined below.
KEY DUTIES AND RESPONSIBILITIES
1. Responsible for the execution/adherence to day-to-day operations, daily checks, and processes.
2. Act as a subject matter expert specifically for SIEM and related/dependent technologies (log aggregation etc.).
3. Ensure that cyber playbooks/runbooks are utilized for the most common/prevalent attacks.
4. Act as initial triage and initial investigations of security events within SIEM.
5. Report any SIEM gaps in coverage or failure, degradation, or anomalies within the SIEM Platform.
6. Work side by side with vendors, professional services, and security engineers in maintaining, updating, or health checking the SIEM, related technologies, and its data sources, as well as actively looking for blind spots or gaps in event monitoring coverage.
7. Threat hunt and report within the network for a specific number of hours per week, looking for anomalies, misconfigurations, or suspicious network activity utilizing the telemetry data available in SIEM.
8. Action all support tickets in a timely manner as dictated by SLAs.
9. Perform any task as directed by the Head of Information Security or CISO.
The responsibilities detailed above are not exhaustive, and you may be requested to take on additional responsibilities deemed reasonable by your direct line manager.
SKILLS AND QUALIFICATIONS
Security Proficiency (Essential)
1. 2 years of security experience covering SIEM/SOC experience or equivalent security role within another organization.
2. Experience with Microsoft SENTINEL or comparable SIEM technologies.
3. SIEM/SOC experience within another organization.
Security Proficiency (Desirable)
1. SC-200: Microsoft Security Operations Analyst or similar SIEM/SOC based qualifications.
2. MS-500: Microsoft 365 Security Administration.
3. Experience with Graph API and/or Kusto Query Language (KQL).
4. Experience with SOAR automation.
5. CompTIA CyberSecurity Analyst + or equivalent.
6. AWS Cloud Practitioner.
Core skills and attributes
1. Excellent written and verbal communication skills (presentations and documentation).
2. Experienced in the use of ITIL based IT Servicing.
3. Solid understanding of IT and information security principles.
Creditsafe is an equal opportunities employer that values diversity. Please contact Creditsafe if there is any support you need with your application.
#J-18808-Ljbffr