Senior SOC Analyst - Cyber security, SIEM, Firewalls, IDS/IPS
Synergize Consulting Ltd
2021-12-03 08:59:22
Preston, Lancashire, United Kingdom
Job type: fulltime
Job industry: I.T. & Communications
Job Contact: Ashley Izan
Job description
Would you like to play a key role in defending one of the UK's major defence companies from cyber-attack?
Our client is currently seeking several Senior SOC Analysts to join the business in a permanent capacity. The role will be based at their busy and secure sites in Preston but will allow for a hybrid working arrangement of remote working with travel to site a minimum of 1 day per week (sometimes 2 days a week).
Due to the nature of our client's work, the role will require the successful applicant to hold security clearance to SC level or be willing and able to undergo the vetting process to achieve this.
As a Senior SOC Analyst, you will be working in a dedicated security team safeguarding the business's IT infrastructure against cyber threats coming from sources that range from state actors through to individuals. You will use the latest SIEM and analytical tools and apply your technical and business knowledge to proactively detect, investigate and report on the complete range of cyber-attacks faced by a Defence Prime Contractor.
This role will provide you with the opportunity to work at the forefront of cyber-attacks and investigations in a varied, interesting and engaging role. You will also be coming into an area of focus for the business, giving you access to the data and technology necessary to thrive within the position, as well as extensive training and development opportunities through the business's Cyber Academy. This role sits in an area of growth for the business and will lead to progression opportunities across the business.
Your main responsibilities as a Senior SOC Analyst will involve:
- Triage, analyse and investigate alerts, log data and network traffic using the monitoring platforms and Internet resources to identify cyber-attacks/security incidents
- Proactively search for those threats not easily detected by existing use cases
- Act as a mentor and as an escalation point within the team for technical queries.
- Ensure timely and accurate communication of incidents to IT, network or security teams across the business
- Escalate suspected major security incidents/investigations where support is required
- Define monitoring use cases and develop prototype rules, e.g. in response to intelligence or gaps in defences
- Ensure services are operated in line with agreed service definitions and measures
- Contribute to the development of the services through people, process and technology where appropriate
- Build a comprehensive knowledge of the business's IT systems to support monitoring activities and tailor remediation recommendations to systems
- Be able to work flexibly in line with the business demands
- Adhere to and help ensure adherence to relevant policies, standards, processes and procedures
- Contribute to and help the development of Cyber Operations through knowledge sharing, research and supporting improvement initiatives/projects
- Contribute to and help define requirements for future security capabilities along with the Lead Analyst.
Your skills and qualifications:
Essential:
- Relevant Vendor and GIAC Qualifications or equivalent proven industry experience.
- Broad and detailed experience of technologies including but not limited to Firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, Linux, TCP/IP, Networks, Cloud, CDNs and Vulnerability Management
- A strong technical background with a detailed knowledge of cyber security, computer networks and operating systems.
- Analytical background and comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations
- Knowledge and experience of using tools to dissect common threats to produce usable IOCs, e.g. malicious document analysis.
- Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these.
Desirable:
- Prior experience of working in information and/or cyber security environments (government or commercial sector)
- Development experience or knowledge of scripting languages
What we're looking for in you:
You will be a highly motivated individual with the ability to work autonomously to complete a range of tasks to time with minimal supervision. You will also be a good team player that is willing to assist and mentor others within the team.
Synergize Consulting is committed to equality and diversity in our workplace. Synergize Consulting provides equal employment opportunity to all employees and applicants without regard to an individual's protected status, including race/ethnic origin, colour, nationality, national origin, ancestry, sex/gender, gender identity/expression, gender reassignment, sexual orientation, marriage/civil partnership, pregnancy/maternity, religion or belief, age, disability, or any other protected status or characteristic.