A global leader in the Aerospace & Defence sector is seeking the expertise of a technically astute SOC Analyst to help support the day to day operations; and incremental improvement, of a dedicated Security Operations Centre (SOC) for a major UK CNI organisation based in Leeds.
The successful candidate for SOC Analyst role will be required undergo governmental clearance
1. Shift handover briefs preparation and delivered
2. Monitor, triage, analyse and investigate alerts, log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks / security incidents.
3. Write up high quality security incident tickets using a combination of existing knowledge resources and independent research.
4. Understand Threat Intelligence and its use in an operational environment
5. Produce new workflows for automation into SOAR tools for common attack types.
6. Continually improve the service and review use cases and propose changes and enhancements in line with the changing threat.
7. Basic Python and/or scripting skills, Windows, OS X, and Linux
8. Experience using Splunk and Sentinal
9. Working with a range of security tooling/technology
10. Strong understanding of security architecture, in particular networking
11. Detailed understanding of threat intelligence and threat actors, TTPs and operationalising threat intelligence.
12. Experience in investigating complex network intrusions (by state-sponsored groups or targeted ransomware attacks).
13. Understand TCP/IP component layers to identify normal and abnormal traffic
14. Understanding of AWS &/or Azure cloud services
15. Experience of Splunk (with ES) &/or Sentinel, content development experience desirable
If you are interested in discussing this long term contract opportunity, please email a copy of your CV and contact number to arrange a call.
AMC/EMG/003