L2 SOC Analyst

Posted 23 May 2024
Location: United Kingdom
Job type: Permanent
Discipline: Cyber Defence

Job description

Trident Search is working closely with a growing UK MSSP to build out their Cyber Security function.

We are looking for an experienced L2 SOC Analyst to join a specialist team of Security Consultants and to help build exciting new projects as the function continues to grow.

The role
  • Technical resource in support of the SOC team: incident lifecycle management from identification through triage and containment.
  • Assist with scoping prospective engagements.
  • Strong network analysis knowledge and skill set.
  • Thorough understanding of enterprise security controls in Active Directory / Windows environments.
  • Knowledge of SIEM, EDR and Intrusion Detection Systems, and of security hacking / penetration testing methods.
  • Must have previous experience working in a SOC/XDR role, preferably at an MSSP, but candidates currently or previously working in internal SOCs will also be considered.
  • Must have previous hands-on experience monitoring SIEM/EDR tools. Preferably this would include Microsoft Sentinel/Defender and related KQL knowledge, CrowdStrike, Cynet and LogRhythm.
  • Experience with any of the following tools (Chronicle SOAR, Hatching Triage, Recorded Future, ServiceNow) is a huge bonus, but not essential.
  • Experience dealing with phishing emails is a huge bonus, but not essential.
  • Experience with malware analysis is a huge bonus, but not essential.
  • SANS qualifications: Security Essentials (GSEC), Hacker Techniques & Incident Handling (GCIH), Host (GCFE/GCFA) & Network (GNFA) Forensics, Malware Analysis (GREM) and any Digital Forensics specialisations.
  • CREST certifications.
  • Certified Ethical Hacker.
Technical skills required:
  • Host intrusion analysis
  • Security incident escalations
  • Network intrusion analysis
  • Unix
  • Familiarity with categories of malware and malware reverse engineering techniques
  • Experience working with security tools for the purposes of detection, diagnosis, containment and remediation