SOC Analyst – QRadar Crowdstrike Enterprise Level Company

Description de la mission

SOC Analyst – QRadar, Crowdstrike sought by leading satellite communication company based in the city of London.

**Inside IR35** – 95% Remote, Shift Pattern Below.

5 Week Shift Pattern Explained:
Week 1 – 4 Nightshifts > 3 Rest days
Week 2 – 3 Days & 3 Nights with 1 Rest day in between
Week 3 – 3 Rest days > 4 Dayshifts
Week 4 & 5 – « Bank Week » for shift redundancy – Only 2 shifts are scheduled over a 14day period, with the option for additional shifts should this be required for scheduled/ ad hoc cover.
Week 6 – Repeats pattern
**Alternative 11am – 7pm Shift also available**
Key responsibilities of the position
Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System. Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing.
Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes.
Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT.
Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability. Follow a documented process for routine scanning of company infrastructure and network elements. Develop mitigation and remediation plans as a result of the vulnerability assessment findings.
Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform.
Document information security operations policies, process and procedures.
The post will require joining a 24/7 shift rota covering daytime, night time, and weekend work (adequate notification will be provided)
Qualifications
Essential Knowledge and Skills:
A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis.
Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false positives.
A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous.
Intermediate knowledge of Information Security fundamentals, technologies, and design principals.
Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms.
Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents.
Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations.
Willingness to learn new skills and be self-motivated.
Ability to work in a team environment, to work under pressure and show flexibility.
Excellent verbal and written communication skills in English.
Please apply within for further details or call on 07393149627
Alex Reeder
Harvey Nash