£40K/yr to £50K/yr
England, United Kingdom
Permanent, Variable

L2 Cyber Security SOC Analyst

Posted by Concept.

Job Title: L2 Cyber Security SOC Analyst

Location: 3 days a week in the office (York or Staines), 2 days a week working from home. Ad hoc meetings in other UK locations.

Department: Cyber Security Operations Center (SOC)

Type: Full-time

Salary: £50,000

Reports To: Compute & Security Operations Manager

About the Role:

We are seeking a dedicated and experienced L2 Cyber Security SOC Analyst to join our dynamic team. The ideal candidate will have a strong background in Microsoft Sentinel and the entire Microsoft XDR Suite (Microsoft Defender for: Endpoint, Office 365, Cloud Apps and Identity). As an L2 SOC Analyst, you will play a crucial role in ensuring the security and integrity of our clients' systems and data working with internal teams and external partners.

You will carry out Microsoft Sentinel and XDR integration & log onboarding, SOAR integration, automation, Threat hunting & analysis, Containment & Eradication tasks as needed.

Key Responsibilities:

  • Carry out "Prepare" tasks from the NIST SP 800-61r2 Incident Response Lifecycle, including: SIEM integration, log onboarding/parsing, SOAR integrations and automations, configuring and monitoring system & service health, and configuring SecOps case management tooling.
  • Incident Detection and Response: Monitor, detect, and respond to security incidents using Microsoft Sentinel and Microsoft XDR Suite tools. Carry out proactive Threat Hunting, Analysis, Contain attacks, and Eradicate where possible using the MXDR tooling.
  • Threat Analysis: Perform detailed analysis of potential security incidents, assessing the threat level and potential impact on the organisation.
  • Incident Investigation: Conduct in-depth investigations of security incidents, by analysing logs, network traffic, and endpoint data to determine root cause and scope. Provide recommendations and corrective actions to contain, mitigate and eradicate a threat.
  • Security Monitoring: Monitor SIEM and MXDR tooling and alerts for suspicious activity, identifying potential security incidents.
  • Incident Documentation: track and document incidents and responses throughout the incident response process in the incident management system, ensuring thorough and accurate records to include timelines, actions taken, and resolutions.
  • Collaboration: Work closely with other SOC analysts, IT staff, stakeholders and 3rd parties/partners to coordinate responses to security incidents (e.g. to implement security controls, patch vulnerabilities, and remediate threats).
  • Threat Intelligence: Research and stay updated on latest cyber threat intelligence, vulnerabilities and attack methods, and apply this knowledge to improve detection and response capabilities. Integrate Threat Intelligence Feeds and Implement agreed Detection content strategy.
  • Compliance: Ensure adherence to relevant security standards, regulations, and best practices, especially those pertinent to UK government and NHS organisations.
  • Mentoring: Provide guidance and mentorship to L1 SOC Analysts, helping to develop their skills and knowledge.
  • Process Improvement: Identify opportunities for improvement in SOC processes, tools, and techniques.

Qualifications:

  • Education: Associate degree in Computer Science, Information Security, or a related field (or equivalent experience).
  • Experience: Minimum of 3-5 years of experience in a SecOps role, with proven experience using Microsoft Sentinel and the Microsoft Defender XDR Suite in an incident monitoring, detection and response role, including proactive investigations and threat hunting.
  • Certifications:

Minimum: SC-200: Microsoft Security Operations Analyst

Other Certifications for Microsoft Sentinel, Microsoft MXDR and Azure are desirable

Other related Industry Certifications from either ISACA, GIAC, EC Council, SANS, CREST or equivalents are desirable relating to security operations, monitoring, incident handling and response.

  • Knowledge: Strong understanding of cyber security principles, threat landscape, new threats, vulnerabilities, attack methods and incident response methodologies.
  • Skills: Proficient in using SIEM tools, especially Microsoft Sentinel, and familiar with the entire Microsoft XDR Suite. Strong analytical and problem-solving skills.

Mandatory Requirements:

  • Excellent spoken and written English with the ability to effectively convey complex technical information to both technical and non-technical stakeholders.
  • Communication: Excellent verbal and written communication skills, with the ability to effectively convey complex technical information to both technical and non-technical stakeholders.
  • Clearance: ability to obtain and maintain security clearance.
  • Shift work: 24-hour, 7-day-a-week shift pattern.