Social network you want to login/join with:
Security Operations Center Analyst, West Midlands
Client:
Maxwell Bond
Location:
West Midlands
Job Category:
Other
EU work permit required:
Yes
Job Views:
1
Posted:
30.03.2025
Expiry Date:
14.05.2025
Job Description:
Job Title: Level 2 SOC Analyst (Microsoft Stack)
Salary: Up to £43,000 per annum
Working Hours: 9:00 AM – 5:00 PM (Monday to Friday)
Job Overview: Our client, a prominent organization within the utilities space, is seeking a proactive and skilled Level 2 SOC Analyst with expertise in the Microsoft stack to join their Security Operations Centre (SOC) team. This is a remote-first role with one day per week in the Midlands office. The Level 2 SOC Analyst will be responsible for investigating and responding to advanced security incidents, leveraging Microsoft-based security tools and platforms, and collaborating with other teams to ensure the protection of critical infrastructure and data.
Key Responsibilities:
1. Analyse and investigate security alerts from Microsoft security tools (e.g., Microsoft Sentinel, Defender for Endpoint, Microsoft Defender for Identity, etc.).
2. Perform in-depth analysis of security incidents to assess impact and severity, including handling incidents such as malware infections, phishing attacks, insider threats, and more.
3. Escalate and coordinate response efforts with senior analysts and management as necessary.
4. Microsoft Stack Security Management:
5. Utilize Microsoft security tools, including Microsoft Sentinel (SIEM), Defender for Endpoint, Defender for Identity, and other Microsoft security solutions, to monitor, detect, and respond to security threats.
6. Manage, configure, and fine-tune Microsoft security tools to optimize detection capabilities and reduce false positives.
7. Monitor and analyze logs, network traffic, and system behaviour using Microsoft-based security technologies to identify potential security risks and anomalous activities.
8. Integrate threat intelligence feeds into Microsoft security platforms to enhance threat detection and incident response capabilities.
9. Stay informed about the latest threats, vulnerabilities, and trends relevant to the utilities industry.
10. Collaborate closely with Level 1 SOC analysts, IT teams, and other stakeholders to ensure timely response to security incidents and proactive threat hunting.
11. Communicate effectively with both technical and non-technical stakeholders, providing detailed incident reports and status updates.
12. Mentor and support junior team members, contributing to their skill development and knowledge.
13. Reporting & Documentation:
14. Document and log all security incidents, investigations, and responses accurately, ensuring compliance with internal processes and industry standards.
15. Prepare and present incident reports, including detailed analyses, to management and stakeholders.
16. Conduct post-incident reviews to identify lessons learned and improve future response efforts.
17. Contribute to the development of incident response procedures and playbooks to ensure best practices and standardized processes.
18. Participate in regular training and development to stay current with Microsoft security technologies, industry best practices, and emerging threats.
Qualifications:
1. Education & Experience:
2. Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience).
3. 2+ years of experience in a Security Operations Centre (SOC) role, specifically with Microsoft security tools and platforms (e.g., Microsoft Sentinel, Defender, etc.).
4. Experience in a security monitoring and incident response capacity within an enterprise environment, ideally in the utilities or similar critical infrastructure sectors.
5. Proficient in Microsoft security technologies, including Microsoft Sentinel (SIEM), Defender for Endpoint, Defender for Identity, and other Microsoft-based security solutions.
6. Strong understanding of security protocols, networking, and systems architecture (e.g., TCP/IP, DNS, HTTP/S).
7. Experience in performing log analysis, identifying indicators of compromise (IoCs), and handling security events within Microsoft environments.
8. Ability to respond to and mitigate security incidents, including malware, phishing, and network intrusions.
9. Strong communication and documentation skills, with the ability to provide clear reports to stakeholders.
10. Ability to work independently and manage multiple priorities in a fast-paced environment.
11. Certifications (Preferred but not required):
12. Microsoft Certified: Security Operations Analyst Associate (Exam SC-200).
13. CompTIA Security+, Certified Information Systems Security Professional (CISSP), or other relevant security certifications.
14. GIAC Security Essentials (GSEC) or Certified Ethical Hacker (CEH).
Key Attributes:
1. Strong problem-solving and analytical abilities, with attention to detail.
2. Ability to work under pressure and handle high-stress situations effectively.
3. A collaborative mindset with the ability to work closely with cross-functional teams.
4. A passion for cybersecurity and staying up-to-date with the latest trends and threats.
#J-18808-Ljbffr