Csoc Solution Lead

**Location**: Home based, approximately 3 days a week with our client in Portsmouth.
**Contract**: Full time, Permanent
**Salary**: £45,000 - £60,000.

**25 days Annual Leave, plus bank holidays**

This is an exciting time to join 3DOT, the leading cyber security and systems architecture advisory firm serving the public sector and transforming the client's digital environment.

We are looking for a technically savvy, security-aware team player who can lead the development of Defensive Cyber Operations as part of a Cyber Security Operations Center and work in a team environment. (CSOC). To detect cyberthreats against an organisation, the processes, data, and technology must all be enhanced and developed.

**Main areas of responsibility**:
Development of processes, procedures and work instructions for a SOC to mature their capability and effectiveness
Continuously looking for improvements to ensure services operated are aligned to industry best practice.
Maturing improvement initiatives from project into service delivery
Integrate the SOC with other parts of the organisation including other SOCs and business functions
Deliver improvements in SOC configuration and automation; and
Collaborate with SOC analysts to perform monitoring, analysis, and incident resolution activities;
Support the addition of new rules for the product against emerging client scenarios/priorities.
Vulnerability Management understanding and tooling
Support wider test and assurance activities
SIEM/SOAR activities such as log gathering, Event monitoring, Incident alerting
Supporting the other departments and functions in the identification and ongoing monitoring of specific security risks and KPIs
Respond to security events, requests and incidents logged in management systems.
Perform in-depth analysis of log files, systems, and network traffic.
Work to well-defined SLAs & KPIs

**About you**:
Minimum of three years of experience working in a Security Operations Center (SOC) with solid skills and experience of the following:
Experience in the secure elements of service delivery
Ability to work well in a mixed client team
Ability to quickly pick up new technologies
Endpoint security includes antivirus, device control, integrity, and HIDS.
Security controls and protocols for network devices
Working knowledge of SIEM integration and operations
Excellent/strong knowledge of the OSI Model and associated layer protocols
Creation of protective monitoring Use Cases.
Real-world threat hunting experience
A current driving licence

**Working knowledge of the following is desirable**:
Experience researching current threats and vulnerabilities to Information Technology systems.
Experience working in a Security Operations Centre (SOC)
Experience working with SIEMs and evaluating SIEM alerts
Scripting/programming experience
Log management: collect, aggregation, storage, analysis
Operating system security (Windows, LINUX/UNIX)

**Desirable Qualifications**:
Information Security qualification, Degree-level education in Information Security or related area
Certified Ethical Hacker
Network+
Security+
CySA+
CREST - Intrusion Analyst, Cyber Threat Intelligence
SANS GNFA, GCIH

**What You Will Get in Return**:
Competitive salary depending on experience.
25 days annual leave, plus bank holidays
Matched pension contributions of 10%
Performance based bonus scheme
A place to work that is focused on our customers and not the trivia.
The chance to work with an equal opportunity employer.

**Security Vetting**

Due to the nature of our business and clients, all our roles require a valid and active UK government security clearance (at least SC). In very exceptional circumstances such as for recent graduates we may be able to assist in obtaining this.

**Equal Opportunities**

Committed to encouraging equality, diversity, and inclusion among our workforce, and eliminating unlawful discrimination. The aim is for our workforce to be truly representative of all sections of society and our customers, and for each employee to feel respected and able to give their best.

**Who are 3Dot?**

3DOT is a market leading cyber security consultancy, specialising in the delivery of cyber security architecture, security operations and risk reduction; advising clients on cyber security best practice. For the past eleven years, 3DOT has worked with some of the leading names in industry and academia, both with niche SME and startups, through to the largest global organisations, to deliver successful outcomes to a range of public and private sections clients in central government and critical national infrastructure sectors. Our teams consistently exhibit the proper mentality, integrity, and performance.

3DOT is seeking individuals with the right aptitude, mindset, and utmost integrity, alongside the relevant knowledge and expertise to produce the desired outcomes. We have adopted a proven agile methodology to ensure delivery is realised early and consistently within a project timeframe and issues or blockers are surfaced early to ensure the client's intended outcome is able to be satisfied in the most efficient manner.

You may have experience of the following: CSOC Analyst, Information Security Analyst, Cyber Security Analyst, CSOC, Information Security Manager, IT Security Manager, Risk Analyst, Security Analyst, IT Security Analyst, Information Security, Compliance Analyst, Cyber Security, Computer Science, Information Technology, etc.

REF-206 291