Senior Security Operations / Incident Response
Base earnings to £62,500 + Benefits/Training/Career plans
*Based hybrid, remote + 5-6 days a month on site*
High level overview:
Essentially a Microsoft Security Advanced L2/L3 SOC Incident Response expert, depending on your work environments as this requires more than most! Based remote in the main plus a handful of days on site in Marlow. SC Level Security clearance will be provided (*5 years minimum in the UK only to pass clearance). You'll review security senior level security incidents, alerting them to malicious activities and working with them to investigate and remediate the incidents to resolution.
The Company:
You will work for one of Microsoft UK's deepest embedded partners in their Managed XDR Security Operations Center (SOC) team. They deliver Microsoft security services and solutions among other services, into enterprise customers across Commercial, Public Sector, Government and Microsoft fronted critical national infrastructure focusing on Microsoft XDR services for Sentinel, Defender and more!
They're also a Microsoft Security Solutions Partner (with all 6 solutions partner designations in total), have multiple Microsoft Advanced specializations including all the security ones, and have a Microsoft certified MXDR SOC. A Microsoft Intelligent Security Association (MISA) member they are one of the biggest names in IT Services in the UK with a multi award winning culture built around the values of its people.
The role...
As a Senior level SOC incident response expert in the Microsoft Security operations team, you'll be responsible for:
* Monitoring for security alerts from Security Platforms, primarily Microsoft Sentinel/Defender. Providing advanced second line security incident management and analysis to the customers through effective monitoring, reporting, and technical guidance for successful resolution
* Maintaining high levels of ownership through the security incident resolution lifecycle
* Documenting and managing cases to utilise information for customers reports, providing insight and intelligent recommendations
* Interfacing with our customers to resolve issues, provide additional information, and answer questions related to incidents and monitoring
* Maintaining high quality security incident resolution and performance adherence
* Identifying and reporting tuning and automation opportunities
Ideally you will have...
* Experience working in a Microsoft MDR/XDR SOC,
* Preferably MSSP environment experience, although if you've previously been in busy end customer SOC environment this will be considered
* The ability to dynamically assess risks, threats & threat actors for new and existing customers
* KQL (Kusto Query Language) experience
* Cyber qualifications such as the Microsoft SC-200 or related certs
* Previous experience with SIEM tools including Microsoft Sentinel, and Defender
* Familiarity with cyber security concepts and their application in different business environments
* Detail orientated, with excellent communication skills and the ability to take a structured approach to procedures and working instructions for incident response/resolution