Job Title: SOC Analyst
Location: Hybrid working, home & UK travel (monthly visits)
Salary: Up to £45,000 Benefits
Working Hours: Monday - Friday, 40 hours
Job Status: Permanent

Who we are

The Constellation Automotive Group is the largest vertically integrated digital car marketplace in Europe, combining the leading digital brands across the segments of Consumer to Business (C2B), Business to Business (B2B) and Business to Consumer (B2C). Across our digital platforms we exceed £20 billion of Gross Merchandises Value (‘GMV’) on an annual basis. This includes market leading brands such as BCA, We Buy Any Car, cinch and Marshall.

https://www.constellationautomotive.com

The Constellation Technology Team provides a group-wide set of Technology Products and Services across the Constellation Automotive Group. We are a central function working across the following domains: Technology Operations, Cyber Security, Product, Engineering, Enterprise Applications, Logistics, Architecture and Portfolio; across the UK and Europe.

Now, this is where you fit in…

A business-critical role working within the Chief Information Security Office for the Constellation Automotive Group (CAG) as a SOC Analyst to ensure security incidents and privacy issues are quickly identified, contained and fully investigated. Reporting to the Security Operations Centre Manager, this role is a unique opportunity to directly influence the security experience of our customers. As we continue to grow our digital story, your specialist capabilities will play a key part in our future.

Key Responsibilities:

- Conducts network monitoring and intrusion detection analysis using various computer network defence tools, such as intrusion detection/prevention systems, firewalls and host-based security systems
- Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources
- Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization
- Correlates activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity
- Reviews alerts and data from sensors, and documents formal, technical incident reports
- Works with threat intelligence and/or threat-hunting teams
- Provides network subscribers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
- Supports the creation of business continuity/disaster recovery plans, including conducting disaster recovery tests, publishing test results and making changes necessary to address deficiencies
- Works with security information and event management (SIEM/XDR) to manage/tune the system, create/manage the detection content and actively watch for alerts
- Correlates network, cloud and endpoint activity across environments to identify attacks and unauthorized use
- Researches emerging threats and vulnerabilities to aid in the identification of incidents
- Provides users with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
- Perform security standards testing against computers before implementation to ensure security

Requirements:

Knowledge

- Degree level education or equivalent experience, ideally in cyber security, technology, computing or a related field.
- Experience of plus qualification/certifications from SANS, ISC2, CompTIA or other equivalent industry certifications. (Net, Sec)
- Knowledge and/or experience in email gateway defence tooling and brand protection software.
- In-depth knowledge of the latest security vulnerabilities, exploits and malware attack vectors
- Experience of plus qualification/certifications from Cloud providers such as AWS, MS Azure etc

Experience

- 0-2 years of experience in Security Operations
- 2 years of experience in enterprise IT, system technology, infrastructure, integration, cloud, hosting and shared technology services.

Skills

- An ability to effectively influence others to modify their opinions, plans or behaviours
- Employ appropriate methods of persuasion when soliciting agreement and demonstrating both empathy and assertiveness when communicating need/impact or defending a position.
- Make accurate and independent analytical judgments.
- Strong problem-solving and troubleshooting skills.
- Maintain excellent stakeholder management and build strong relationships
- Swiftly build an understanding of a business area, and how it fits into the wider enterprise organisation.
- Self-prioritise multiple workstreams in response to rapidly changing business needs.
- Outstanding written and verbal communication skills with the ability to describe complex & abstract security and technical concepts up to board level.

Our policy is to employ the best qualified people and provide equal opportunity for the advancement of employees including promotion and training and not to discriminate against any person because of gender, race, ethnicity, age, sexual orientation, religion, belief or disability