Senior Security Operations Analyst

Posted 18 January 2024
Location United Kingdom
Job type Permanent
Discipline Cyber Defence
Reference 423590
Contact Name Charlee Ryman

Job description

Are you a technical security analyst with incident response experience who is looking for the next step towards a leadership role?

Trident Search are working with a law firm who are looking for a Senior Security Analyst to join them. They already have a robust security posture and are looking for someone to help mature it further, whilst ensuring that any incidents that come in are closed out. They are partway through rolling out a range of new technologies across their estate, including Splunk, Microsoft Defender and CrowdStrike Falcon.

In addition to incident response and project work, you will work closely with the SOC Manager to keep the team at its highest operational effectiveness. The role offers hybrid working and requires minimal travel to the client's offices.
   
The Role:
   
  • Acting as senior analyst and subject matter expert for detection and response
  • Engaging with the wider business and other teams when incidents occur, and helping to prevent recurrence
  • Establishing and reporting on operational details
  • Improving incident response playbooks and applying lessons learned from previous incidents
  • Helping the team run tabletop incident exercises and remain ready to deal with any situation
  • Supporting the manager with the training and development of other analysts
  • Designing and implementing custom detection use cases
  • Identifying areas for improvement in current tools and processes
  • Deputising for leadership should the need arise
   
Experience:
   
  • 5+ years of information security experience (2-3 of them in a SOC environment)
  • Experience of wider operational security in international organisations
  • Demonstrable understanding of information security controls and technology
  • Team leadership or management experience
  • Excellent knowledge of technical security controls, including SIEM, SOAR, EDR, firewalls, IPS/IDS, web filtering and email filtering
  • Familiarity with frameworks such as MITRE ATT&CK, the Cyber Kill Chain, Sigma and STRIDE
  • Knowledge of cloud security services such as the Microsoft 365 (M365) stack
  • Fundamental understanding of cloud technologies (IaaS and SaaS)
   
If you are technical, competent in incident response and wish to take on a little more responsibility, then go ahead and apply.