The Opportunity
Nigel Wright is supporting a financial services business who is seeking a Security Operations Analyst with Sentinel experience to join the IT Security and Governance team on a fixed term basis for a period 12 months. In this home based role, As a Security Operations Analyst, you will be responsible for securing and protecting network systems, applications and data. This includes ensuring the appropriate IT Security controls and processes are in place across the business's Microsoft IT infrastructure. You will support the SOC team conduct initial incident triage, determining scope, urgency and appropriate actions to mitigate threats.
The Role
The Security Operations Analyst will support the rest of the security operations team to monitor, triage and investigate alerts and incidents within the Sentinel SIEM tool. You will:
- Support the SOC team conduct initial incident triage, determining scope, urgency and appropriate actions to mitigate threats.
- Participate in the incident response process, assisting with investigation and remediation.
- Support managing support request via the ITSM tool.
- Support with BAU activities such as daily checks.
- Assist with analysing and trending of security log data.
- Support triaging of vulnerabilities, response and mitigation with teams across IT.
- Support remediation actions meetings across technical teams including evaluating and translating vulnerability scan and pentest results.
- Support with Threat Hunting activities.
- Analyse and support with analytical rules for incidents.
- Support with QBRs and vendor management meetings.
- Support with reviewing and evaluating security control effectiveness.
- Support with change management request within IT Security and reviewing other technical teams change requests.
- Support and create process and procedural documentation.
The Person
With prior experience as a Security Operations Analyst, you will have a technical understanding of the required security controls to secure complex architectural solutions hosted on premise and in the Microsoft Cloud. With experience of managing security in M365, including the full suite of E5 security tools/Defender products is key to this role.
You will have experience of working with Microsoft Sentinel and ideally have a recognised Microsoft security certifications such as SC-900, SC-200, AZ-104, AZ-500 however this isn't essential.