The Security Operations Centre is part of our Cyber Detect and Respond team and is responsible for monitoring our information systems for unusual and anomalous events and defending the organisation against complex internal and external threat actors that intend to harm the interests of our customers and the bank.
We’re looking for a Senior SOC Analyst to join our SOC in the Security Operations team. We welcome candidates who want to progress their career in Security Operations, or who would join the team with security experience or strong technical skills.
What you’ll be doing
1. Specialising in the use of SIEM tools to enable the detection of anomalous and unusual events within our information systems, covering cloud-native and traditional data centre hosted services.
2. Developing, supporting and maintaining the bank’s security monitoring capability as part of the transition to Azure and beyond.
3. Identifying opportunities for improvement, and quality assuring and implementing technical solutions, as an individual contributor or working with technical teams or suppliers.
4. Supporting the response to incidents to enable the containment, eradication and recovery of affected systems in conjunction with our Incident Response team.
5. Maintaining awareness of new threats, articulating risk clearly and creating analytical rules to detect threats within our environment using our security tools.
6. Threat hunting within our environment, to proactively identify indicators of compromise or security weakness to enable remediation and support management of operational risk.
7. Working on projects (Security Investment Programme or other Change Portfolio deliveries) providing security advice to our internal stakeholders to ensure SOC requirements are understood and standards are adhered to.
8. Managing your own workload, ensuring tasks are delivered on time and to the required quality.
9. Acting as a Duty Officer on a one-in-four shift rotation to: provide direction on triage and focus for event handling, triage and escalation to the Incident Response team; provide technical expertise and support for 24/7 SOC Analysts, including escalations; and provide out-of-hours cover for 24/7 SOC Analysts (and other stakeholders).