IT Security Operations Analyst | Remote & South East | £30,000 – £35,000
Our partner is growing their team again!
++ This role offers the flexibility of working from home – however for the first 3 months, you will need to make provisions to be in Surrey (HQ) for induction & training, potentially for several days per week ++
Our partner is looking for an IT Security Operations Analyst to work closely with the Information Security Manager in delivering and maintaining the confidentiality, integrity and availability of their customers’ information and information systems. This will be primarily achieved through the identification of, and response to, security events identified on event monitoring systems.
THE BASICS:
Security Operations Analysts who can develop and maintain SIEM services based on MS Sentinel, including but not limited to advising on event capture, tuning, use case development, alert triage and response, will be of interest.
The ideal candidate will be an advocate for IT Security with an ability to identify, triage and respond to security events identified by any of the security controls used in our partners’ customer environments. If you can respond to and manage service requests, problems and incidents logged at the Service Desk, or act as a point of escalation for security-related issues, we would like to hear from you today.
Providing root cause analysis of security breaches in a confidential manner, advising the Information Security Manager of any improvements to working practices or beneficial technical changes to improve the security and performance and drafting and managing processes and procedures relating to Security and Operations will be vital to your success in this role.
ABOUT YOU:
If you have a professional IT qualification such as MCSE, CCNA, CompTIA or an Information Security qualification such as SSCP, Security+, ECIH, coupled with demonstrable experience of monitoring and developing use cases in SIEM products, and an ability to investigate, troubleshoot and resolve security events, you are likely to receive an immediate interview request.
Good levels of knowledge in IT and networking fundamentals (for example, Operating Systems, Directory services, TCP/IP, DNS, HTTP(S), SMTP) and a good understanding of the approach threat actors take to attacking a network (phishing, port scanning, web application attacks, DDoS, lateral movement) will stand you in good stead.
IT Security Operations Analysts with experience of working in a Security Operations Centre, and/or in an operational IT Services environment, with knowledge of Windows and/or Linux operating systems, and how to investigate them for signs of compromise will be considered.
THE ADDITIONALS:
If you have experience in a commercial IT Solutions provider or Managed Services environment, with a foundational understanding of Public / Private Cloud Services (Azure/AWS/O365, CASB) and how an attacker can utilize these platforms, and with use of the MS security stack – Defender for Endpoint, Defender for Identity, you will thrive in this role.
Knowledge of Government Security frameworks (PSN, DSP Toolkit, G-Cloud) would be desirable, but not essential.
THE SALARY SCALE:
Entry Level:
Incident handler qualification or equivalent, with some experience with SIEM, scripting skills, but SOC not essential.
Mid Level:
SOC experience, with some experience with SIEM, and exposure and use of other MS Defender security stack tools.
Top Level:
Valid, relevant qualifications, SOC experience and several years’ experience with SIEM, exposure and use of other MS Defender security stack tools.
THE CONCLUSION:
Individuals who are comfortable analysing and creating scripts (preferably in KQL), with an ability to identify, recommend and implement operational improvements, generate reports and present key security metrics, should apply today.
Our partner is looking to start the interview process ASAP, so if you have a strong interest in IT Security, an enthusiasm to learn, self-motivation, and accurate and clear written and oral communication skills, this could be the ideal job opportunity for you.
This job role will require SC clearance which is a requirement of employment for this position.
Get in touch with the team at Jonothan Bosworth today for more details.
FU_01_SOA21_SE