SOC Analyst - QRadar, Crowdstrike, Enterprise Level Company

Posted 2 weeks ago by Job Board - Jobserve on JobServe

£475 Per day
Inside
Remote
City of London, UK
SOC Analyst - QRadar, Crowdstrike sought by leading satellite communication company based in the city of London.

*Inside IR35* - 95% Remote, Shift Pattern Below.

5 Week Shift Pattern Explained:

  • Week 1 - 4 Nightshifts > 3 Rest days
  • Week 2 - 3 Days & 3 Nights with 1 Rest day in between
  • Week 3 - 3 Rest days > 4 Dayshifts
  • Week 4 & 5 - "Bank Week" for shift redundancy - Only 2 shifts are scheduled over a 14-day period, with the option for additional shifts should this be required for scheduled/ad hoc cover.
  • Week 6 - Repeats pattern

*Alternative 11am - 7pm Shift also available*

Key responsibilities of the position

  • Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System. Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing.
  • Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes.
  • Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of Firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT.
  • Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability. Follow a documented process for routine scanning of company infrastructure and network elements. Develop mitigation and remediation plans as a result of the vulnerability assessment findings.
  • Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
  • Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform.
  • Document information security operations policies, process and procedures.
  • The post will require joining a 24/7 shift rota covering daytime, night time, and weekend work (adequate notification will be provided).

Qualifications
Essential Knowledge and Skills:

  • A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis.
  • Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false positives.
  • A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous.
  • Intermediate knowledge of Information Security fundamentals, technologies, and design principles.
  • Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms.
  • Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents.
  • Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and misconfigurations.
  • Willingness to learn new skills and be self-motivated.
  • Ability to work in a team environment, to work under pressure and show flexibility.
  • Excellent verbal and written communication skills in English.

Please apply within for further details or call.
Alex Reeder
Harvey Nash