Discovery

  • SOC Analyst

    Posted Date: 1 week ago (11/9/2018 4:51 AM)
    Requisition ID: 21256
    Location: UK-London
    Career Category: IT & Technical Operations
    Type: Company Employee Full-Time
  • Position Summary

    The security analyst plays a pivotal role in keeping our organization’s systems and information secure. He/she works closely with managed service partners, infosec engineering, and internal IT departments to identify and respond to security events.  This will include on-premise and cloud-based systems and services.  The analyst should be comfortable searching through and filtering large amounts of log data to find actionable information.  They are key assets during incident response activities.  

    An Information Security Jr Analyst must have effective written and communication skills paired with a technical background. He/she should be comfortable generating clear and concise reports for infosec and IT management. It is preferable that the candidate have an understanding of networking, TCP/IP, VPN access, and Active Directory access rights and help policies, along with moderate scripting experience.

    Responsibilities

    • Responsible for detecting and assessing cyber security events and incidents across the enterprise
    • Responsible for implementing new processes and procedures as identified by the CSOC and Infosec Leadership to ensure continuous improvement of monitoring, detection and mitigation capabilities
    • Responsible for understanding the global threat landscape through working with threat intel resources to maintain awareness
    • Triage of service requests, events, and incidents from MSS and internal teams
    • Escalates cyber security events according to Incident Response Plan
    • Assists with containment of threats and remediation of environment during or after an incident
    • Documents security processes, workflows, and playbooks
    • Documents event analysis and drafts reports of incident investigations
    • Assist in creating/updating asset database to track systems globally
    • Assist with the completion of monthly metrics for cyber security to include KPI  
    • Stay current on IT security trends and news.
    • Follow change management process and security policies
    • Audit access control lists
    • Review and understand security policies and guidelines to create security work instructions for various security policies
    • Help manage security end point agents
    • Help manage Proxy servers
    • Help log management team collect and analyze system logs
    • Help with deployment of information security technologies and clients
    • Help with pentest reports data gathering and cleanup of data
    • Help develop company-wide best practices for IT security
    • Input pentest results into ticketing system for tracking
    • Other duties as assigned

    Requirements

    • Experience in IT or Information Security
    • Bachelor’s degree beneficial
    • Understanding of firewalls, proxies, SIEM, antivirus, EDR, and IDPS concepts.
    • Understanding of, and able to reference NIST framework, CSC framework, CSF framework, ITIL, COBIT, and ISO 2700x
    • Experience with Unix/Linux and Windows operating systems in an Active Directory environment
    • Experience with endpoint security and SIEM technologies, e.g., Carbon Black, QRadar
    • Excellent written and oral communications skills.
    • CSA, GISF, GSEC, GMON, Security+ certifications are highly desired

     
