Microsoft Sentinel Engineer/L3 SOC Analyst
Akkodis are currently working in partnership with a leading service provider to recruit an experienced Microsoft Sentinel Engineer with expertise in Microsoft Sentinel and QRadar to join their growing security team during an exciting period of change.
Please note this is a fully remote role and you must be eligible to gain security clearance (do not need to hold currently).
The Role
As a Microsoft Sentinel Engineer, you will be responsible for handling security incidents received/escalated for the Junior Analysts in the team. You will aid in triaging threat intelligence from multiple sources and add contextual information to the security incident, perform additional analysis, and based on the business impact, recommend the response actions and escalation path. You will also have the opportunity to support the initial implementation of new security-related Microsoft technologies, including Microsoft Sentinel, MDE, MDI, and Defender for Cloud.
The Responsibilities
* Oversee completion of day-to-day checklist(s), including log review, management report scheduling & running, alert analysis, and escalation follow-up.
* Remain current on cyber security trends and intelligence (open source and commercial) in order to guide the security analysis & identification capabilities of the CSOC team.
* Provide oversight, guidance, and mentoring to L2 & L3 analysts, and fulfill SOC Manager responsibilities in the absence of the SOC Manager.
* Manage a number of analysts as part of a virtual team of L1 and L2 analysts, including objectives setting, performance management/reviews, training & development, and BAU activities including shift cover.
* Perform advanced event and incident analysis, including baseline establishment and trend analysis.
* Support on-call arrangements as part of a Rota, to support L1 Analysts working out of hours.
* Support Major Incident Response activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security-related threats.
* Provide timely advice and guidance on the response action plans for events and incidents based on incident type and severity.
* Identify, create, and implement improvements to procedures and processes, with the SOC Manager's approval.
* Identify opportunities for SOC and client SIEM platform configuration improvements, use case development, monitoring rule creation, tuning & optimization.
* Assist in architectural design to facilitate the onboarding of new information systems, including the assessment, parsing, onboarding of log sources, and use case and rule development.
The Requirements
* Senior Cyber Security and security operations experience.
* Experience in managing Microsoft Sentinel, including Lighthouse.
* Experience in onboarding, tuning, reporting, and configuring SIEM solutions.
* Experience in threat intelligence.
* Leadership and mentoring experience and skills.
* Understanding of low-level concepts including operating systems and networking.
* Commercial experience in Penetration Testing and/or Security Monitoring.
* Understanding of networking and infrastructure design.
* Active or ability to obtain SC clearance.
* Knowledge/experience of DevOps would be hugely beneficial.
If you are looking for an exciting new challenge to join a leading SOC team, please apply now.
#J-18808-Ljbffr