SOC Analyst - Fully remote UK (GBP50,000 - GBP70,000 + Bonus)
You will be responsible for monitoring the client's network and endpoints for security alerts, investigating incidents, and assisting in incident response. You will also play a vital role in maintaining and optimizing our security information and event management (SIEM) platform. While previous experience in a Managed Security Service Provider (MSSP) environment is advantageous, it is not a strict requirement.
Key Responsibilities
- Utilize a SIEM platform (LogRhythm) to monitor the client's network and endpoints for security alerts, and conduct thorough investigations when incidents occur.
- Serve as the first-tier responder for incident analysis and investigation, escalating issues as necessary.
- Contribute to containment strategies during security incidents, data loss, or breaches.
- Assist in the design and implementation of SIEM use cases to enhance detection capabilities.
- Ensure the SIEM platform's health through daily checks and proactive maintenance.
- Employ various applications and systems, including firewalls, IDS, NAC, and encryption programs, to protect sensitive data and perform deeper investigations.
- Collaborate closely with the SecOps Team and engage with specialists to support security control operations.
- Assist in preparing reports documenting security incidents and their impact.
- Support Senior Security Analysts by providing guidance on threats, vulnerabilities, and security changes.
- Stay updated on the latest information security trends to assess their potential impact on the client's environment.
- Participate in an on-call incident response team on a rotational basis (fortnightly).
- Generate relevant reports, including end-of-day summaries, handover reports, management intelligence, and threat and risk analyses.
- Liaise with third-party vendors when necessary to troubleshoot SIEM platform issues.
- Ensure all deliverables align with agreed-upon KPIs and SLAs.
- Follow the lead analyst's direction on the account(s) and assist with other services as required.
Qualifications
- Solid knowledge and understanding of the IT industry and its business needs.
- Strong grasp of information technology and information security concepts.
- Familiarity with security risks and preventive controls.
- Understanding of firewalls, IDS, and NAC, as well as McAfee ePO and HIPS (advantageous).
- Excellent comprehension of security operational processes and controls.
- Knowledge of the cyber kill chain, malware toolkits, attack surface, and attack vectors.
- Familiarity with processes for malware analysis and reverse engineering.
- Effective communication skills, with the ability to engage with stakeholders at varying operational levels.
- Team player with the ability to work independently.
- Willingness to follow established processes and enhance them as needed.
- Industry-recognized accreditation or higher education qualification, such as a cyber security-related degree, Network+, Security+, ITIL, or equivalent demonstrable experience.
- Experience working in compliance-driven environments, such as PCI DSS, FSA (UK), and ISO.
- Applicants must be UK-based and able to pass a 3-year security background check.
Required Experience
- A proven 2 years of experience in a similar role, preferably within the Managed Security Service industry.
- Experience providing Managed Security Services or working in Threat/Risk Management environments, with a preference for SIEM platform exposure.
- Proficiency in monitoring security events, analyzing alerts, and managing security incidents, including incident prioritization and escalation.
- Knowledge or experience with Threat Detection and Hunting methodologies.
- Experience supporting Incident and Change Management processes.