Cyber Security Analyst - DV Cleared
£65,000 - £70,000 per annum
Yeovil - Onsite
Job Description:
We are looking for a Principal Cyber Security Analyst to join a Protective Monitoring Team at our Yeovil site.
What you'll do as a Principal Cyber Security Analyst:
Team Management: Provide direct line management, guide, and develop the SOC operations team, fostering a positive culture and ensuring continuous skill development.
Mentorship and Development: Mentor and develop junior analysts, fostering a culture of continuous learning and innovation.
Technical Leadership: Serve as the principal technical expert, ensuring efficient monitoring, detection, and response to security threats.
Innovation and Continuous Improvement: Promote continuous improvement initiatives, staying at the forefront of cybersecurity practices.
Tool and Technology Optimisation: Supervise the optimisation of critical security tools, ensuring they support proactive security postures.
Incident Management and Response: Guide and support incident response efforts, providing expertise and guidance.
Insider Threat Management: Manage and investigate Insider Threat cases upon request.
Threat Hunting Leadership: Guide threat hunting teams during scheduled hunts, ensuring comprehensive threat detection.
External Collaboration: Collaborate with external partners to enhance the SOC's defensive posture and ensure compliance with standards.
Customer Network Oversight: Act as the technical expert for assigned customer networks, ensuring their security.
Customer Engagement and Reporting: Provide weekly metrics reports and attend customer service reviews to offer technical insights.
Cross-Functional Teamwork: Encourage collaboration with other departments to address security challenges with integrated solutions.
What we need from you:
We are looking for a motivated self-managed individual who is willing to help design and adapt a constantly evolving service; someone who can demonstrate exceptional analytical skills and liaise professionally with peers and customers even under pressure.
You really must have:
Experience in cyber security including protective monitoring and incident response, e.g. GIAC GMON, GCIA, GCIH or equivalent experience.
SIEM (LogRhythm, Splunk, etc) and IDS (Snort) experience.
Network and Host security experience.
Threat intelligence.
Threat Hunting.
Excellent communications skills.
Mentoring and coaching.
Current DV clearance.It would be nice if you had:
SANS SEC 503 Intrusion Detection in Depth or equivalent.
SANS SEC 504 Incident Handling, Hacker Tools and Techniques or equivalent.
SANS SEC 508 Advanced Incident Response, Threat Hunting, and Digital Forensics or equivalent.
SANS SEC 511 Continuous Monitoring and Security Operations or equivalent.
SANS LDR 551