Do you strive to make a difference? Goaco is looking to build a team to continue solving problems using software and technology for our clients. We are developers at heart – and by the mind too. We thrive on challenges and live for logical thinking. Formed over a decade ago, we have built on our successes, all of whom have benefitted from their level-headed software solutions. The team is all like-minded individuals, with a drive to succeed in their own fields.
Must be eligible for SC clearance.
Start Date: ASAP
Based in central London, we are looking to onboard an ambitious and goal-oriented Senior SOC Analyst to join our growing security team.
The person will be accountable for delivery of SOC and SIEM to existing and helping to sell capabilities to potential customers.
KEY RESPONSIBILITIES:
* Manage, coach, and lead the SOC 1st line analyst teams.
* Quickly assess incidents for their impact and severity.
* Establish procedures for containing threats and mitigating potential damage.
* Ensure that evidence is collected in a properly organized manner.
* Implement the latest detection capabilities to Microsoft Sentinel.
* Prepare and maintain detailed incident reports and provide post-incident analysis to improve security measures.
* Work closely with team members, such as service desk or projects team, to address security issues and implement solutions.
* Proactively search for signs of advanced threats and vulnerabilities within the network.
SKILL REQUIREMENTS:
* Strong understanding of cybersecurity principles, including knowledge of common threats and vulnerabilities.
* Capabilities which include Kubernetes, AWS, GCP, Windows Endpoints, Carbon Black, and Elastic Stack SIEM with the ability to design custom dashboards and understanding how Elastic, Logstash, and Kibana work together to ensure efficiency query or storage-wise. An understanding of PowerShell. Advanced understanding of cybersecurity principles, attack vectors, threat actors, and the threat landscape. Strong knowledge of the CIA triad.
* Skilled in triaging alerts, performing root cause analysis, and implementing remediation actions.
* Deep understanding of network protocols (e.g., TCP/IP, DNS, HTTP/HTTPS, SMTP) and their role in cybersecurity.
* Familiarity with network devices (e.g., routers, switches, firewalls) and concepts like VPNs and VLANs.
* Ownership of EDR (Endpoint Detection and Response) solutions, such as MS Defender for Endpoint, CrowdStrike, Carbon Black, or SentinelOne. Knowledge of IDS/IPS is a plus.
* Experience in managing incidents from identification through containment, eradication, recovery, and lessons learned.
Familiarity with cybersecurity frameworks and regulations, such as:
* NIST Cybersecurity Framework (CSF).
* ISO/IEC 27001.
* GDPR, HIPAA, PCI DSS, or other compliance standards.
PREFERRED CERTIFICATIONS:
* Microsoft Azure Sentinel 400 to be obtained.
#J-18808-Ljbffr