Senior Security Operations / Incident Analyst x3
6 month contract
To £525 a day
*Based hybrid, remote + site 5-6 days a month*
Manchester, Birmingham or Maidenhead all work
High level overview:
Essentially 3x Microsoft Security advanced L2 SOC Analysts, or L3 SOC Analysts, depending on your work environments as this requires more than most! Based remote plus a single site in either Manchester, Birmingham or Maidenhead for only a handful of days a month on site. SC Level Security clearance will be provided (*5 years minimum in the UK only to pass clearance). You'll review security incidents occurring in their customers' environments, alerting them to malicious activities and working with them to investigate and remediate the incidents to resolution.
The Company:
You will work for one of Microsoft UK's deepest embedded partners in their Managed XDR Security Operations Center (SOC) team. They deliver Microsoft security services and solutions among other services, into enterprise customers across Commercial, Public Sector, Government and Microsoft fronted critical national infrastructure focusing on Microsoft XDR SOC services for Sentinel, Defender and more!
They're also a Microsoft Security Solutions Partner (with all 6 solutions partner designations in total), have multiple Microsoft Advanced specializations including all the security ones, and have a Microsoft certified MXDR SOC. A Microsoft Intelligent Security Association (MISA) member they are one of the biggest names in IT Services in the UK with a multi award winning culture built around the values of its people.
The role...
As a Senior level SOC analyst/incident response expert in the Microsoft Security operations team, you'll be responsible for:
* Monitoring for security alerts from Security Platforms, primarily Microsoft Sentinel/Defender. Providing advanced second line security incident management and analysis to the customers through effective monitoring, reporting, and technical guidance for successful resolution
* Maintaining high levels of ownership through the security incident lifecycle
* Documenting and managing cases to utilise information for customers reports, providing insight and intelligent recommendations
* Interfacing with our customers to resolve issues, provide additional information, and answer questions related to incidents and monitoring
* Maintaining high quality security incident resolution and performance adherence
* Identifying and reporting tuning and automation opportunities
1. Ideally you will have...
* Experience working in a Microsoft MDR/XDR SOC,
* Preferably MSSP environment experience, although if you've previously been in busy end customer SOC environment this will be considered
* The ability to dynamically assess risks, threats & threat actors for new and existing customers
* KQL (Kusto Query Language) experience
* Cyber qualifications such as the Microsoft SC-200 or related certs
* Previous experience with SIEM tools including Microsoft Sentinel, and Defender
* Familiarity with cyber security concepts and their application in different business environments
* Detail orientated, with excellent communication skills and the ability to take a structured approach to procedures and working instructions for incident response/resolution