Principal Security Analyst (SOC)
Location: Manchester
Working Arrangement: Hybrid
Role Purpose:
This position is a critical role within the organization, serving as the primary point of contact for potential security incident escalation during significant incidents or crisis situations. This involves close collaboration with the Computer Incident Response Team (CIRT), Senior Management, and Senior Analysts.
The role also includes providing guidance and mentorship to junior staff members, fostering their growth and development within the organization. As a 24/7 escalation point for Senior Analysts, this role requires a high level of commitment and availability.
A key part of the role is contributing to the continuous business development opportunities within Global Management Solutions (GMS). This involves staying abreast of emerging threats and vulnerabilities in the cybersecurity landscape and ensuring that all analysts within the Security Operations Centre are adequately trained to handle these threats.
The role also involves conducting comprehensive triage and investigation for various security systems, including IDS/IPS, Full Packet Capture devices, Firewall, DDoS detection and mitigation, availability and SIEM platforms. This is crucial for identifying potential threats, vulnerabilities, and indicators of compromise.
Another important aspect of the role is executing Threat Hunting engagements, performing deep dives, and serving as a technical escalation point for incidents. This includes functioning as an incident handler during high-priority incidents and providing incident remediation and prevention documentation and recommendations to customers.
The role also involves documenting and developing new processes related to security monitoring procedures and delivering customer service that consistently exceeds customer expectations.
Initiating escalation procedures to counteract potential threats, vulnerabilities, and threat actors is another key responsibility. This involves compiling, reviewing, and publishing service-focused reports.
Finally, the role serves as an escalation point for all members of the Cyber Monitoring team, offering assistance and mentorship as necessary. This includes contributing to analyst training programs and continuous improvement initiatives, and actively contributing to the continuous improvement of Security Operations Centre (SOC) procedures and documentation.
Key Accountabilities:
* Serve as the principal point of contact for potential security incident escalation during significant incidents or crisis situations, in collaboration with the Computer Incident Response Team (CIRT), Senior Management, and Senior Analysts.
* Offer guidance and mentorship to junior staff members.
* Function as a 24/7 escalation point for Senior Analysts.
* Contribute to the continuous business development opportunities within Global Management Solutions (GMS).
* Maintain an advanced understanding of emerging threats and vulnerabilities.
* Ensure the development and maintenance of training plans for all analysts within the Security Operations Centre.
* Foster collaborative relationships with internal stakeholders and clients, with a strong emphasis on growth.
* Conduct comprehensive triage and investigation for IDS/IPS, Full Packet Capture devices, Firewall, DDoS detection and mitigation, availability and SIEM platforms, identifying potential threats, vulnerabilities, and indicators of compromise.
* Execute Threat Hunting engagements, perform deep dives, and serve as a technical escalation point for incidents.
* Function as an incident handler during high-priority incidents.
* Provide incident remediation and prevention documentation and recommendations to customers, based on established procedures and analyst experience.
* Document and develop new processes related to security monitoring procedures.
* Deliver customer service that consistently exceeds customer expectations.
* Initiate escalation procedures to counteract potential threats, vulnerabilities, and threat actors.
* Compile, review, and publish service-focused reports.
* Serve as an escalation point for all members of the Cyber Monitoring team, offering assistance and mentorship as necessary.
* Contribute to analyst training programs and continuous improvement initiatives.
* Actively contribute to the continuous improvement of Security Operations Centre (SOC) procedures and documentation.
Minimum Requirements:
* Previous experience working in a technical, client facing capacity within a SOC.
* Minimum 2-4 years of experience within a SOC Senior Analyst role.
Desirable Requirements:
* Splunk Certified Power User/Advanced Power User
* CompTIA Certifications (Security+/ Network+/ Linux+)
* Crest, GIAC or CISSP Certification
* Degree in related field.
* Other relevant certifications.
Behaviours:
* Professionalism: Conduct yourself with professionalism, integrity, and ethical behaviour in all interactions and situations.
* Proactive: Demonstrate a proactive approach to process improvement and process creation, ensuring conformity to the standards of the MXDR SOC.
* Collaboration: Work well within a team environment, communicating effectively with colleagues from different departments and sharing insights to improve security posture.
* Adaptability: Embrace changes in technology and processes, adapting to new challenges and learning quickly in a dynamic security landscape.
Why NCC Group?
At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.
Our colleagues are our greatest asset, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.
We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits;
Flexible working
? Financial & Investment
· Pension
· Life Assurance
· Share Save Scheme
· Maternity & Paternity leave
??Community & Volunteering Programmes
Green Car Scheme
? Cycle Scheme
? Healthcare
?️ Office Lifestyle
????? Employee Referral Program
?? Lifestyle & Wellness
? Learning & Development
??? Diversity & Inclusion
So, what’s next?
If this sounds like the right opportunity for you, then we would love to hear from you! Click on apply to this job to send us your CV and the relevant member of our global talent team will be in touch with you. Alternatively send your details to global.ta@nccgroup.com .
About your application
We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.
If you do not want us to retain your details, please email global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy (candidate-privacy-notice-261023.pdf (nccgroupplc.com)). We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.
#J-18808-Ljbffr