On behalf of the MOD, we are looking for a SOC Engineer (Inside IR35) for a 20-month contract based in Corsham.
Our work really matters; we offer engaging roles which have a direct impact on the quality of services we provide. We employ people in many different roles and in many locations across the UK and abroad. We also employ doctors, dentists, teachers, police, fire service, quantity surveyors, and engineers to name a few. There are many opportunities to develop and progress both within MOD and across the wider Civil Service, whether you're a permanent appointee or an interim.
Note: DV Clearance is an essential requirement for this role (as a minimum, you will need to be eligible for DV).
Within the Global Operations and Security Control Centre (GOSCC), the Security Operations Centres (SOCs) provide a coherent, holistic, and coordinated approach to Cyber Defence, under execution of the MOD's Defensive Cyber Operation.
The Defensive Monitoring and Incident Response elements are responsible for the 24/7/365 detection of, and response to, Cyber incidents impacting the MOD's Digital Enterprise.
As a SOC Engineer, you will have DV Clearance and provide expert support to the Detections Engineering function to design, build, and fine-tune systems and processes to detect malicious activities or unauthorized behaviours.
Your main responsibilities will be:
1. Support the transition of a SOC to support new systems and services by providing expert security guidance and application of best practices.
2. Provide strategic advice to SOC management regarding incident response, monitoring, logging and analysis of all relevant systems and processes.
3. Shape the development, communication and continuous improvement of the cyber monitoring detection, triage, and incident response plan.
4. Identify opportunities for cyber investment within the SOC to meet the SOC's remit and requirement.
5. Define and continuously develop a use case-driven logging, monitoring and response capability to ensure responsiveness and resilience to cyber security threats.
6. Define the cyber security operations strategy in coordination with senior business and stakeholders.
You'll have relevant experience in:
1. Threat monitoring and intelligence gathering and assessment; processes to scan for vulnerabilities and implementing fixes and mitigations; Incident response management.
2. The management of Security Event Monitoring and operational response by means of monitoring and correlation tooling, antivirus, network, and host IDS/IPS monitoring and logging.
3. Working as a Tier 3 SOC Engineer undertaking the activities of Threat Hunting and Detections Engineering.
4. A sole UK National with DV Clearance is required for this position.