Would you like to work in a supportive, collaborative and innovative company?
Do you enjoy working as part of an enthusiastic, passionate, and collaborative team?
Join our Cyber Operations team
As a Threat Intelligence Specialist you'll be part of our 24/7 SOC, analysing TI from a variety of sources and developing detections and threat hunting actions from it.
Success. The Softcat Way.
Softcat is a £1billion+ technology solutions business and trusted partner to names like Apple, Microsoft, and Adobe. Offering a growing portfolio of services including software licensing, cyber security, and IT infrastructure, we give our technical teams the tools and support to make exciting things happen. This is where to achieve more for your career.
You'll work closely with our TI partners, customers and internal teams to develop detections across our capabilities. With a focus on Microsoft security products (Sentinel, Defender) you will work to develop and improve our detection and response capabilities.
As Threat Intelligence Specialist, you'll be responsible for:
* Analysing data from our TI partners, trusted open sources and customer TI providers and turning it into actionable detections
* Working with Softcat's Cyber Engineering and Analyst functions to develop detections, triage steps and supporting investigations
* Researching threats, Indicators of Compromise (IoCs) and threat actor TTPs to support threat hunting activities, detection development and TI feed management
* Providing detailed analysis and comprehensive reports on threat intelligence findings, including trends, patterns, and emerging threats
* Collaborating with and support Incident Response teams where appropriate and provide cyber intelligence support during ongoing incidents and as part of PIR activities
We'd love you to have
* A proven history of working with threat intelligence in either a corporate SOC or as part of an MSSP
* Excellent written communication, with the ability to produce processes and supporting documentation for internal and customer consumption
* A good understanding of the MITRE ATT&CK Framework, and how IOCs and TTPs align with MITRE techniques
* Hands-on experience with SIEM and MDR platforms, with a focus on Microsoft Sentinel, Defender and related security tooling is highly preferred. Experience with other SIEM and MDR tools will be considered
* You will have a strong understanding of sophisticated threat actor methodologies, along with experience in incident response and forensic investigations
Work in a way that works for you
We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:
* Hybrid working – 2 days in the office and 3 days working from home
* Working flexible hours - flexing the times you start and finish during the day
* Flexibility around school pick up and drop offs
Working with us
Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background.
Join us
To become part of the success story, please apply now.
If you have a disability or neurodiversity, we can provide support or adjustments that you may need throughout our recruitment process or any mitigating circumstance you wish for us to consider. Any information you share on your application will be treated in confidence.
You can find out more about life at Softcat and our commitments to diversity and inclusion at jobs.softcat.com/jobs/our-culture/