The Role
We are seeking a skilled and dedicated SOC Analyst to join our Stoke on Trent team. The SOC Analyst will be responsible for monitoring, detecting, and responding to security incidents, ensuring that our clients' IT infrastructure remains secure. This role requires a deep understanding of cybersecurity threats, network defence, and incident response.
UKSV is required for this position. Candidates must possess or be eligible to obtain clearance. To be eligible for UKSV you must be a UK National and/or have been a UK Resident for 5+ years.
Role Responsibilities
Key responsibilities include, but are not limited to:
Security Monitoring and Analysis:
1. Continuously monitor security alerts and events using SIEM (Security Information and Event Management) tools and other monitoring platforms.
2. Analyse and triage security events to determine their severity and impact, escalating critical issues as necessary.
3. Perform real-time threat detection and response, identifying and mitigating potential security risks.
Incident Response:
1. Investigate and respond to security incidents, including malware infections, DDoS attacks, unauthorised access, and other threats.
2. Coordinate with other IT and security teams to contain and remediate incidents, ensuring minimal disruption to operations.
3. Document incident response activities and create detailed reports for stakeholders.
Threat Intelligence and Research:
1. Stay up to date with the latest cyber threats, vulnerabilities, and attack methods.
2. Conduct research to identify new threat vectors and recommend proactive measures to enhance security posture.
3. Contribute to the development and refinement of detection rules and response playbooks.
Security Tools and Technologies:
1. Maintain and optimise SOC tools and technologies, including SIEM, SOAR, IDS/IPS, firewalls, endpoint protection, and vulnerability management systems.
2. Assist in the deployment and configuration of security tools, ensuring they are properly integrated and functioning.
3. Collaborate with vendors and partners to address tool issues and implement updates or improvements.
Compliance and Reporting:
1. Ensure all security operations comply with relevant regulations and standards (e.g., GDPR, ISO 27001, NIST).
2. Generate regular reports on security incidents, threat trends, and SOC performance metrics for management and clients.
3. Participate in security audits and assessments, providing evidence of SOC activities and controls.
4. Provide out-of-hours technical escalation support to shift analysts.
Continuous Improvement:
1. Identify areas for improvement within SOC processes, workflows, and technologies.
2. Provide input on the development and implementation of new security strategies and initiatives.
3. Mentor and train junior SOC team members, sharing knowledge and expertise.
4. Lead SOC improvement projects.
5. Develop SOC Playbooks and document SOC processes.
Education and Experience Requirements
As the SOC Analyst, you will have:
1. Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Relevant certifications (e.g., CompTIA Security+, CEH, CISSP, GIAC) are highly desirable.
2. Minimum of 2 years of experience in a SOC analyst or similar cybersecurity role.
3. Proven experience with SIEM platforms and security monitoring tools.
4. Direct experience in incident response, threat analysis, and vulnerability management.
5. Strong understanding of cybersecurity principles, including network security, endpoint security, identity and access management and threat intelligence.
6. Proficiency in analysing logs, network packets, and other data sources to identify security threats.
7. Excellent problem-solving skills with the ability to think critically and act decisively in high-pressure situations.
8. Effective communication skills, both written and verbal, with the ability to convey complex technical information to non-technical stakeholders.
9. The ability to work as part of a growing team and use your experience and expertise to mature processes and procedures within the Security Operations team.
Already work with us? Internal applicants, please send your CV directly to Recruitment.
The Company
SecureCloud+ specialises in providing fully managed secure ICT services to the UK's Defence and Security sectors, as well as other government departments with complex and demanding security requirements. SecureCloud+ prides itself on its successful track-record of delivering real benefits to its customers, but also on its ethos of investing in its employees' personal and professional growth.
Are you ready to embark on this exciting career opportunity? We look forward to welcoming you to our esteemed team at SecureCloud+.
SecureCloud+ is an equal opportunities employer and does not discriminate based on age, sex, colour, religion, race, disability, or sexual orientation. Our hiring decisions are based on an individual's experience and qualifications for the job advertised.
Department: Recruitment
Location: Stoke - Technical Office
Employment type: Full-time
Job Reference: 24/53