ROLE SPECIFICATION
Role Title: SOC Analyst (L2)
Reports To: SOC Manager
Location: Remote – UK Based
Salary Range: £35-40k annual salary dependent on experience (up to 20% shift allowance)
Hours: Full time – Sunday to Wednesday, 19:30-06:30
The Company
Founded in 2018, CYSIAM works in strategic partnership with public and private sector clients who understand and are serious about mitigating the risks that cyber incidents pose to their critical systems and data. Our team are at the cutting edge of technical cyber expertise, enhanced by decades of experience in central government, military intelligence, and law enforcement. We are driven by our values and our culture lives and breathes integrity, passion, and tenacity.
We provide security and confidence through world-class cyber security services tailored to our clients’ individual requirements. This includes UK-based 24/7/365 detection and response through persistent overwatch of networks and data, giving our clients the best chance of protection from cyber-attack.
Our UK-based monitoring, hunting and response teams are powered by technology, intelligence, and experience. We detect anomalous behaviour and work with our clients to prioritise and implement responses to restore ‘business-as-usual’ as quickly as possible. For those attacks that are more sophisticated and sustained, our threat hunting team track and immobilise the threat, minimising harm.
CYSIAM is a fast-growing force in the Cyber Security industry and has a unique DNA which makes it an exciting and interesting place to work. Our Cyber Defence Operations (CDO) team already works for highly prestigious clients and is looking to build scale from a strong base.
The Right Applicant
We are looking for a team player to join as a security analyst in our emerging MDR service. Due to the dynamic nature of our business, we require an individual who is flexible, deployable on a broad scope of tasks, can communicate effectively with others and can learn at pace. We need someone who is confident in their own skills and will work autonomously on tasks and on their personal development. We don’t do blagging! Self-awareness and the ability to ask for help when appropriate are among the key attributes we are looking for. Attention to detail is a must, so please include the answer to “seven plus ten” in the required questions and answers section, as a number.
We are a values-based organisation, and we leave our egos at the front door. We need people who are tenacious, passionate, have the highest integrity, and want to be part of building a world class security team. If this is you, then read on…
Role Overview
As an analyst, your primary role within the CYSIAM team will be to investigate host and network security events on our clients’ critical infrastructure. Role duties will include:
* Monitor, triage, escalate and investigate security incidents on critical client infrastructure.
* Be the technical escalation point for Associate (L1) analysts.
* Take part in the on-call Incident Response rota as required.
* Training of Associate (L1) analysts.
* Deliver client reports based on incident findings to both technical and non-technical audiences.
* Maintain and, where appropriate, improve CYSIAM’s knowledge of SOC tools.
* Support CYSIAM research and development projects.
* Prepare monthly SOC reports for managed clients and continuously improve their content and presentation.
* Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats.
* Tune detection queries to the client environment to reduce noise and false positives.
* Create runbooks and Knowledge Base documentation.
Skills & qualifications:
* Minimum of 1.5 years’ experience in a Security Operations Centre.
* Understanding of the MITRE ATT&CK framework.
* Working knowledge of the analysis of pcaps, log data and intrusion detection system alerts.
* Experience of a wide range of SOC tooling.
* Detail-oriented, with strong organisational and analytical skills.
* Demonstrably strong written communication and interpersonal skills.
* Dedication and desire towards continuous professional development.
* Security Operations Centre positions require employees to be eligible to obtain and maintain security clearance.
* Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise anti-virus products.
* Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP.
Desirable skills & qualifications:
* Experience of CrowdStrike Falcon, Splunk, the Microsoft security suite, FortiGate firewalls.
* Understanding of static malware analysis.
* Understanding of programming and scripting languages such as Python, Perl, Bash, PowerShell, C++.
* Certifications such as Security+/Network+/CySA+, BTL1, Splunk Power User, CrowdStrike Responder, SC-200.
Culture & Benefits
The CYSIAM team is a force to be reckoned with, fiercely supportive of each other both in our personal and professional lives. We employ people, and people have lives, which are sometimes not straightforward…we get that! We are very flexible in our working arrangements and trust people by default to deliver their outputs without constant supervision.
In return we ask for loyalty, work ethic, and your best version of you…
We provide competitive salary and incentives, 25 days holiday building up to 30 over the first 5 years of employment, pension, group life cover, private medical cover, company away days, riveting conversation, sparkling wit, etc…
Employee benefits will increase as the company grows.