Cyber Security Analyst - DV Cleared
£65,000 - £70,000 per annum
Yeovil - Onsite
Job Description:
We are looking for a Principal Cyber Security Analyst to join a Protective Monitoring Team at our Yeovil site.
What you'll do as a Principal Cyber Security Analyst:
* Team Management: Provide direct line management, guide, and develop the SOC operations team, fostering a positive culture and ensuring continuous skill development.
* Mentorship and Development: Mentor and develop Junior Analysts, fostering a culture of continuous learning and innovation.
* Technical Leadership: Serve as the principal technical expert, ensuring efficient monitoring, detection, and response to security threats.
* Innovation and Continuous Improvement: Promote continuous improvement initiatives, staying at the forefront of cybersecurity practices.
* Tool and Technology Optimisation: Supervise the optimisation of critical security tools, ensuring they support proactive security postures.
* Incident Management and Response: Guide and support incident response efforts, providing expertise and guidance.
* Insider Threat Management: Manage and investigate Insider Threat cases upon request.
* Threat Hunting Leadership: Guide threat hunting teams during scheduled hunts, ensuring comprehensive threat detection.
* External Collaboration: Collaborate with external partners to enhance the SOC's defensive posture and ensure compliance with standards.
* Customer Network Oversight: Act as the technical expert for assigned customer networks, ensuring their security.
* Customer Engagement and Reporting: Provide weekly metrics reports and attend customer service reviews to offer technical insights.
* Cross-Functional Teamwork: Encourage collaboration with other departments to address security challenges with integrated solutions.
What we need from you:
We are looking for a motivated self-managed individual who is willing to help design and adapt a constantly evolving service; someone who can demonstrate exceptional analytical skills and liaise professionally with peers and customers even under pressure.
You really must have:
* Experience in cyber security including protective monitoring and incident response, eg GIAC GMON, GCIA, GCIH or equivalent experience.
* SIEM (LogRhythm, Splunk, etc) and IDS (Snort) experience.
* Network and Host security experience.
* Threat intelligence.
* Threat Hunting.
* Excellent communications skills.
* Mentoring and coaching.
* Current DV clearance.
It would be nice if you had:
* SANS SEC 503 Intrusion Detection in Depth or equivalent.
* SANS SEC 504 Incident Handling, Hacker Tools and Techniques or equivalent.
* SANS SEC 508 Advanced Incident Response, Threat Hunting, and Digital Forensics or equivalent.
* SANS SEC 511 Continuous Monitoring and Security Operations or equivalent.
* SANS LDR 551.