SOC Analyst

4 days ago


Manchester, United Kingdom CV-Library Full time

TWX have partnered with a Cyber Security technology and service provider headquartered in Gloucestershire. They are looking to add multiple SOC Analysts to their current team, with the primary aim being to undertake and support the response to a cybersecurity event or incident as well as support other cyber services within the business.
The goal of the SOC is to minimise and control the damage resulting from cybersecurity incidents, provide practical guidance for the response, coordinate recovery activities, and work to prevent future incidents from reoccurring. Additionally, you will be helping with the monitoring of information security controls within the business by analysing alerts received in line with our information security policies and practices and dealing with any/all security incidents.
WHY?
* Working within a comprehensive team with decades of experience in Cyber and Incident Response
* £45K - £60K DOE
* Additional Training Budget
* 23 days Annual Leave + Bank Holidays + 3 days between Christmas and New Year.
* Private Healthcare Buyback Scheme
* Mostly Remote Working – With irregular trips to the HQ in Cirencester or a serviced office space in Manchester (Once a month or once a quarter, as well as an expensed onboarding trip to the HQ shortly after start)
* 37.5 hours per week within a UK based rapid growth Cyber Business with a diverse client base + Early finish 1 day per week
* Vendor training and internal skills and knowledge transferring
Please note, this is a 24/7 SOC with 8 hour rotational shift patterns, please see (or request) corresponding rota for more information.
WHAT IS A TYPICAL DAY
Reviewing & Triage initial alerts
First point of escalation
Initial investigation
Clarify incident severity
Knowledge of security methodologies for investigation
Comfortable with RAW output
Threat Intel Info - against alerts
Threat Hunting
Internal Security and Log Management
On top of the SOC Management you can be working on other services:-
Dark Web monitoring service
Guiding and Shaping Ideas for Crisis Simulations (often around Threat hunting and what happens following one of the well known cyber threats all the way from insider threat and supply chain compromise to Ransomware.
Client Risk Compromise and Supply Chain Risk
CIS Based Gap analysis with our customers reviewing key parts of their cyber stack.
ACCOUNTABLITIES AND ACTIVITIES
Analytics
Use raw log sources and other security and operational tools to monitor and analyse the security posture of the IT estate and identify anomalous activity and behaviours.
Investigates defines and resolves complex issues.
Produce incident reports to present activity and outcome of operational security services and activity.
Select appropriately from applicable standards, methods, tools and applications.
Incident management
Aid with the investigation of security breaches following established procedures and make sure any recommended follow up actions are taken to ensure a reduction in the likelihood of reoccurrence.
Co-ordinate and manage all Incident Responses.
Make sure that all security incidents have been correctly prioritised and diagnose in according to agreed procedures.
Investigate the causes of incidents, document findings and seek resolution.
Ensure the escalation of any unresolved incidents has been completed according to agreed procedures.
Oversee the facilitation of recovery, following the resolution of incidents.
Make sure security incidents have been documented and closed according to agreed procedures.
Serve as a backup for security operations emergency response.
Facilitate collaboration between stakeholders who share common objectives.
Information security
* Review, update and, when needed, create IR polices, playbooks and standard operating procedures documentation.
* Use security tools and, where appropriate, develop scripts of your own tools to assist with the ongoing analysis of a security event or incident.
* Provide advice and guidance to other teams within the business on good practice and maintain relevant and current industry knowledge.
* In relation to active incidents, implement effective security controls to protect core business processes and data.
* Oversee, in relation to active Incidents, the operation and optimisation of security tooling/products, including network security (IDS/IPS/Firewalls), logging and auditing, event and incident management, and privileged access management controls.
* Act on security incidents, requests and events to ensure that threats, vulnerabilities and breaches are managed to minimise impact to confidentiality, integrity and availability of systems and data.
* Understand the requirement for and be able to assist in the creation of security risk, vulnerability assessments, and business impact analysis as required.
Security administration
Oversee the operation or support the operation of tools that contribute to effective security.
Take responsibility to make sure that the onboarding of any enhancements to the security tools, including deployment and on-going management and maintenance is completed.
Undertake periodic reviews of relevant information security policies and baseline control standards, by influencing required additional and updated controls based on the content of internal and external audit reports, trends derived from security operations, information from project-based activities and incident resolutions.
QUALIFICATIONS, TRAINING AND EXPERIENCE (E= Essential. D= Desirable, P= Preferred)
1.5+ years of experience within an enterprise-level SOC or CSIRT function. (E)
Experience with Malware tools and ability to analyse Malware. (E)
Security certificates such as: CISSP, CISM, GIAC, GCFE, GISP, GSEC, or CEH, would be preferable considered when discussing compensation, but these are by no means essential or expected for this position.
You will have a track record of technical delivery working within a fast-paced environment.
* In-depth experience in at least one technology tower out of
End-User Computing,
Hosting,
Networks,
Cloud,
Development.
* You will be confident in your technical expertise and can present yourself as a technical authority.
* Capable of breaching. (E)
* Can take a pragmatic view of the application of technologies; understanding the business application of them and able to identify a balance between the management of risk and the capability for the business to continue to operate.
* Communicates fluently, orally and in writing, and can present complex information to both technical and non-technical audiences.
* Experience of Security Monitoring tools.
* Experience of Vulnerability Management and Threat Intelligence.
* Knowledge of perimeter and host security intrusion techniques.
* Knowledge of commonly accepted information security principles and practices, as well as techniques attackers, use to identify vulnerabilities, gain unauthorised access, escalate privileges and access restricted information.
* You will be able to rapidly absorbs new information and apply it effectively



  • Manchester, United Kingdom Secure Recruitment Ltd Full time

    SENIOR SOC ANALYST / INCIDENT RESPONSE Up to £80,000 / Bonus + Excellent Staff Benefits Strong Career Growth Opportunities 2 Days Onsite / 3 Days Remote No Shift Work (Normal 09:00-17:30pm) Working Hours An interesting opportunity has presented itself within one of the UKs largest Independent Software Based Organisations who are one of a major driving...

  • SOC Analyst

    1 month ago


    Manchester, United Kingdom TWX Full time

    ABOUT THE JOBSecure Your Future with TWXPioneering Cyber Security RecruitmentAt TWX, we believe in being more than just a recruitment agency; we're your future career's catalyst.With a vision to fortify the UK's position in the global cyber security landscape, we're on a mission to develop the most extensive database of Cyber Security Talent. Our...

  • SOC Analyst

    1 month ago


    Manchester, United Kingdom TWX Full time

    ABOUT THE JOBSecure Your Future with TWXPioneering Cyber Security RecruitmentAt TWX, we believe in being more than just a recruitment agency; we're your future career's catalyst.With a vision to fortify the UK's position in the global cyber security landscape, we're on a mission to develop the most extensive database of Cyber Security Talent. Our...

  • SOC Analyst

    1 month ago


    Manchester, United Kingdom TWX Full time

    ABOUT THE JOBSecure Your Future with TWXPioneering Cyber Security RecruitmentAt TWX, we believe in being more than just a recruitment agency; we're your future career's catalyst.With a vision to fortify the UK's position in the global cyber security landscape, we're on a mission to develop the most extensive database of Cyber Security Talent. Our...

  • SOC Analyst

    4 weeks ago


    Manchester, United Kingdom TWX Full time

    ABOUT THE JOB Secure Your Future with TWX Pioneering Cyber Security Recruitment At TWX, we believe in being more than just a recruitment agency; we're your future career's catalyst. With a vision to fortify the UK's position in the global cyber security landscape, we're on a mission to develop the most extensive database of Cyber Security Talent. Our...

  • Senior Soc Analyst

    5 days ago


    Manchester, United Kingdom Secure Recruitment Ltd Full time

    SENIOR SOC ANALYST / INCIDENT RESPONSE Do you have the right skills and experience for this role Read on to find out, and make your application.Up to £80,000 / Bonus + Excellent Staff Benefits Strong Career Growth Opportunities 2 Days Onsite / 3 Days Remote No Shift Work (Normal 09:00-17:30pm) Working Hours An interesting opportunity has presented itself...


  • Manchester, United Kingdom General Medical Council Full time

    Do you want to work in a well-respected, supportive and highly performing team? Have you got extensive technical, hands-on experience, detecting, analysing, and responding to security incidents and events, gained in a Security Operations Centre (SOC), strong knowledge of SIEM technologies and the interpersonal skills to work professionally with internal...


  • Manchester, United Kingdom NCC Group Full time

    Position Title: SOC Operations Team Lead Location: Hybrid/Manchester Role Purpose: As an Operations Team Lead, your role is instrumental in ensuring the smooth and efficient functioning of our MXDR SOC operational processes, facilitating collaboration among team members, and driving continuous improvement initiatives. Your primary purpose revolves around...


  • Manchester, United Kingdom General Medical Council Full time

    Do you want to work in a well-respected, supportive and highly performing team?Have you got extensive technical, hands-on experience, detecting, analysing, and responding to security incidents and events, gained in a Security Operations Centre (SOC), strong knowledge of SIEM technologies and the interpersonal skills to work professionally with internal and...


  • Manchester, United Kingdom Cloud Decisions Full time €525

    Senior Security Operations / Incident Analyst x3 6 month contract Based hybrid, remote + site 5-6 days a month* Essentially 3x Microsoft Security advanced L2 SOC Analysts, or L3 SOC Analysts, depending on your work environments as this requires more than most! Based remote plus a single site in either Manchester, Birmingham or Maidenhead for only a...


  • Manchester, United Kingdom Cloud Decisions Full time

    Senior Security Operations / Incident Analyst x3 Base earnings to £62,500 + Benefits/Training *Based hybrid, remote + site 5-6 days a month* Manchester, Birmingham or Maidenhead all work High level overview: Essentially 3x Microsoft Security advanced L2 SOC Analysts, or even L3 SOC Analysts, depending on your work environments as this requires more than...


  • Manchester, United Kingdom Cloud Decisions Full time

    Senior Security Operations / Incident Analyst x3 6 month contract To £525 a day *Based hybrid, remote + site 5-6 days a month* Manchester, Birmingham or Maidenhead all work High level overview: Essentially 3x Microsoft Security advanced L2 SOC Analysts, or L3 SOC Analysts, depending on your work environments as this requires more than most!Based remote plus...


  • Manchester, United Kingdom Cloud Decisions Full time

    Senior Security Operations / Incident Analyst x3 6 month contract To £525 a day *Based hybrid, remote + site 5-6 days a month* Manchester, Birmingham or Maidenhead all work High level overview: Essentially 3x Microsoft Security advanced L2 SOC Analysts, or L3 SOC Analysts, depending on your work environments as this requires more than...


  • Manchester, United Kingdom Cloud Decisions Full time

    Senior Security Operations / Incident Analyst x3 Base earnings to £62,500 + Benefits/Training *Based hybrid, remote + site 5-6 days a month* Manchester, Birmingham or Maidenhead all work High level overview: Essentially 3x Microsoft Security advanced L2 SOC Analysts, or even L3 SOC Analysts, depending on your work environments as this requires...


  • Manchester, United Kingdom Cloud Decisions Full time €525

    Senior Security Operations / Incident Analyst x3 6 month contract To £525 a day *Based hybrid, remote + site 5-6 days a month* Manchester, Birmingham or Maidenhead all work High level overview: Essentially 3x Microsoft Security advanced L2 SOC Analysts, or L3 SOC Analysts, depending on your work environments as this requires more than most! Based...


  • Manchester, United Kingdom Cloud Decisions Full time

    Senior Security Operations / Incident Analyst x3 Base earnings to £62,500 + Benefits/Training*Based hybrid, remote + site 5-6 days a month*Manchester, Birmingham or Maidenhead all workHigh level overview: Essentially 3x Microsoft Security advanced L2 SOC Analysts, or even L3 SOC Analysts, depending on your work environments as this requires more than most!...


  • Manchester, United Kingdom Cloud Decisions Full time

    Senior Security Operations / Incident Analyst x3 Base earnings to £62,500 + Benefits/Training*Based hybrid, remote + site 5-6 days a month*Manchester, Birmingham or Maidenhead all workHigh level overview: Essentially 3x Microsoft Security advanced L2 SOC Analysts, or even L3 SOC Analysts, depending on your work environments as this requires more than most!...


  • Manchester, United Kingdom Cloud Decisions Full time

    Senior Security Operations / Incident Analyst x3 Base earnings to £62,500 + Benefits/Training *Based hybrid, remote + site 5-6 days a month* Manchester, Birmingham or Maidenhead all work High level overview: Essentially 3x Microsoft Security advanced L2 SOC Analysts, or even L3 SOC Analysts, depending on your work environments as this requires more...


  • Manchester Area, United Kingdom Cloud Decisions Full time

    Senior Security Operations / Incident Analyst x3 6 month contract To £525 a day*Based hybrid, remote + site 5-6 days a month* Manchester, Birmingham or Maidenhead all work High level overview: Essentially 3x Microsoft Security advanced L2 SOC Analysts, or L3 SOC Analysts, depending on your work environments as this requires more than most! Based remote plus...


  • Manchester Area, United Kingdom Cloud Decisions Full time

    Senior Security Operations / Incident Analyst x3 6 month contract To £525 a day*Based hybrid, remote + site 5-6 days a month* Manchester, Birmingham or Maidenhead all work High level overview: Essentially 3x Microsoft Security advanced L2 SOC Analysts, or L3 SOC Analysts, depending on your work environments as this requires more than most! Based remote plus...