Job Description
Senior SOC Analyst, SIEM - Sentinel, Manage Engine Log 360, QRadar, Splunk, Incident Response Management, Hybrid London 1-2 days per week.
We are hiring a Senior SOC Analyst to help build a new SOC function. The role will initially be very hands on, responsible for monitoring and triaging of events and incidents for our client base, using such tools as Microsoft Sentinel and Manage Engine Log 360.
This role will play a leading part in the day-to-day activities of the SOC and influence the SOC on an operational, technical and strategic level.
Submit your CV and any additional required information after you have read this description by clicking on the application button.
With a primary focus on small client environments and the corporate sector, this role oversees security monitoring for the company delivered solutions and ensures the integration of SIEM platforms into a new Private Cloud solution.
As the first recruit into the SOC Team, you will collaborate with management to establish and expand the service according to business requirements.
Main Duties and Responsibilities
- Monitoring & Investigation: Monitor SIEM tools to assure high security levels, analyse potential security incidents, conduct real-time analysis, support investigations, and document findings to improve incident response procedures.
- Response: Lead and coordinate incident response activities, develop and maintain incident response plans, and escalate incidents as necessary, ensuring adherence to major incident processes.
- Intelligence: Stay updated on cybersecurity threats, integrate threat intelligence into security monitoring processes, and contribute to the development of threat intelligence feeds.
- Tool Management: Manage and optimize SIEM tools, evaluate new security technologies, and recommend enhancements to the security infrastructure.
- Collaborate with cross-functional teams to address security incidents, provide expertise to other analysts, and ensure monitoring of new and changed services.
- Maintain accurate documentation of security procedures, incident response plans, and analysis reports, create post-incident reports, monthly reporting packs, event and incident management processes, and runbooks/playbooks.
- Responsibilities: Assist in scoping and implementing new solutions, support the Pre-Sales team, conduct demonstrations of SOC tools to clients, and make recommendations for continual service improvement.
Essential Skills and Experience
- Leadership qualities to guide other team members and drive security initiatives.
- Up-to-date knowledge of cybersecurity trends and threats
- Full understanding of SIEM systems –Microsoft Sentinel, Manage Engine Log 360, IBM QRadar, Splunk etc
- Security Operations and Incident Handling
- Analytical mindset and problem-solving skills.
- Understanding of ISO 27001, ISO 9001 & Cyber Essentials would be extremely advantageous
- Applicants must be eligible for SC Security Clearance (British national and single passport holder)
This role demands autonomy, creativity, and a proactive approach to maintaining security. The ideal candidate will possess a blend of technical expertise, leadership qualities, and a commitment to continual improvement.