Trident Search is working with a client who needs a Senior Security Analyst to help deal with customers' technical issues. Your role will be mainly focused on triaging and closing client incidents, researching the latest threats and proactively hunting across client networks during downtime. The client is very focused on providing an in-depth service whilst using some of the latest technology.
They are a close-knit team that is constantly going from strength to strength.
What your role will eventually entail:
- Provide technical lead support to enterprise-level clients, investigate potential and verified incidents, and execute active response actions.
- Ensure SLAs for enterprise clients are met, with alert descriptions and recommended actions of an acceptable standard and mitigation actions executed efficiently and to an advanced level.
- Assist with incident remediation and prevention documentation and plans where required, and execute the documented processes effectively.
- Proactively identify indicators of compromise and TTPs to build and run a threat hunting capability, executing the incident response plans assigned to the solution where required so that threats to the client's environment are eliminated or mitigated.
- Handle User and Entity Behaviour Analytics (UEBA) and threat hunting use cases for potential security incidents and security events in accordance with SOC processes and procedures.
- Research, analyse and identify potential vulnerabilities and emerging threats, with the goal of creating detection and response rules that improve visibility and response capabilities.
- Leverage automation and SOAR components to ensure a lean service that eliminates unnecessary noise and allows analysts to respond more quickly to verified incidents.
- Initiate escalation procedures to counter potential threats and vulnerabilities.
- Conduct periodic security and network impact reviews for enterprise clients.
What do you need to know?
- Be a technical SME able to discuss technical issues with key stakeholders.
- Strong analytical skills to define risk, identify potential threats, and document and develop action/mitigation plans.
- Knowledge of and experience with multiple log sources (firewall, proxy, Windows Event Logs, Office 365 activity, etc.).
- Working knowledge of log management/SIEM and EDR technology (e.g., Azure Sentinel, AlienVault, MS Cloud App Security, Carbon Black, MS Defender for Endpoint).
- Good interpersonal skills and the ability to communicate effectively with client teams.
- Incident response experience: establishing probable root cause and taking action to mitigate threats using a variety of tooling (Carbon Black and MS Defender for Endpoint, for example).
- Security technology certifications (e.g., SANS/GIAC: GCIA, GCIH, GSEC).
- Experience with the Microsoft solution portfolio (Office 365, Power BI, etc.).
- Experience in automation methods and implementation.
- Experience with securing a variety of environments.
This is an opportunity for someone to take the lead and help grow and mature a SOC team whilst being part of a truly passionate team. If this sounds like you, go ahead and apply now.
What can we provide you?
- Salary between £40,000 and £50,000
- Comprehensive benefits package:
  - Private healthcare
  - Flexible working
  - 33 days' holiday, with the option to buy and sell days if desired
  - Structured personal development
  - Training and experience with leading commercial solutions such as Azure Sentinel, Defender for Endpoint and Carbon Black
  - Paid training certifications
  - Strong career advancement
  - A strong team to learn with and be part of, with a culture that values and cares for each individual