Principal SOC Analyst

The Department for International Trade (DIT) and Inspire People are partnering together to bring you an amazing opportunity to join a team at the heart of the global economy and make a difference The Digital, Data and Technology (DDaT) team at DIT havea newly created opportunity for a Senior SOC Analyst responsible for the identification and handling of security threats, monitoring the SOC's Target Operating Model (TOM) at a high level, and acting as the final point of escalation for the resolution of incidents.£55,400 to £74,600 (including allowances) plus excellent Civil Service benefits. Salary is dependent on location and technical skills as assessed at interview. Flexible, hybrid working from London, Cardiff, Darlington, Edinburgh or Belfast.
DIT's Digital, Data and Technology team develops and operates tools, services, and platforms that enable the UK government to provide world leading support to businesses in the UK and overseas.
You'll get to constantly push boundaries in an environment free of heavy legacy, driven by curiosity, social purpose, diversity of thought, entrepreneurship, and the aspiration to offer an incredible experience to all DIT's users.
This role sits within the DIT Security Operations Centre (SOC). A key part of the role will be the identification and implementation of lessons learned from cyber security incidents as part of a continuous improvement cycle. Improvements to DIT's capabilityto detect and response will be a priority. In the role you will be managing and mentoring junior SOC staff, and so this role is suitable for someone looking for a position of responsibility.
**In your day-to-day role as the Senior SOC Analyst, you will**:

- Lead the implementation of the DIT monitoring policy?and management of the SOC TOM, providing expert advice to junior SOC staff.
- Review existing and new data sources being ingested into the SIEM and propose and implement use cases for detection and analysis.
- Produce thorough documentation on complex incidents focussing on the improvements that can be made to processes, playbooks, and tooling.
- Manage incident response exercises and scoping, design and governance of red-teaming and threat-hunting activity in collaboration with the Threat Hunter?and in line with DIT's policies.?
- Communicate the significance of the results of investigations and risk mitigation outcomes and engage with a broad range of senior stakeholders.
- Be responsible for defining the vision, principles, and strategy for incident response.?
**Essential Skills and Experience**:
You should be able to demonstrate essential skills and experience of:

- Significant experience of working at tier 2 or tier 3 in a SOC with management/mentoring responsibilities.
- Demonstrable experience with KQL or similar query language.
- Solid knowledge of various information security frameworks, for example MITRE.
- Demonstrable experience in cyber security incident management.
- Effective verbal and written communication skills.
- Demonstrable knowledge and experience of intrusion detection and analysis skills.
**Desirable Skills and Experience for the Senior SOC Analyst**:
While not essential, it would be ideal if you have demonstrable skills and experience of:

- SIEM and Security Software, especially Microsoft
- Professional information security certification - CISSP or similar.
- Experience of working in a multi-cloud environment.
- Knowledge or experience of forensics.
**In return, you can expect a planned, transparent progression with learning and development tailored to your role, an environment with flexible working options and a culture encouraging inclusion and diversity, plus the following benefits**:

- Salary of £55,400 to £74,600 (including allowances) including annual allowance depending on location and experience
- Flexible, hybrid working from London, Cardiff, Darlington, Edinburgh or Belfast.
- Annual leave starting at 25 days per annum plus statutory bank holidays rising to 30 days after 5 years of service
- An excellent Civil Service pension scheme.