IT Security Operations Tier 3 Analyst

Recruiter: ReThink Recruitment
Location: Peterborough
Posted: 10 Jan 2018
Closes: 08 Feb 2018
Contract Type: Permanent
Hours: Full Time
IT Security Operations Level 3 Analyst / IT SOC Level 3 Analyst - Peterborough, Cambridgeshire - Commutable from Corby, Kettering, Cambridge, Northampton, Milton Keynes - £Neg + Bonus + Benefits

A leading organisation are seeking to recruit an IT Security Operations Level 3 Analyst to perform:
  • Monitoring and analysis of cyber security events
  • Services monitored will include, but are not limited to, SIEM, IDS/IPS, Firewall, Web Application Firewalls, Data Loss Prevention (DLP)
  • Functional escalation point for incidents assigned by Level 2 and acting as a referral point to determine any increased risks to the business
  • Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
  • Conduct research on emerging security threats.
  • Respond to computer security incidents by collecting, analysing and preserving digital evidence, and ensure that incidents are recorded and tracked.
  • Work closely with the other teams to assess risk and provide recommendations for improving our security posture.
  • Working knowledge of any of the following tools is required: Splunk, Symantec Endpoint, RSA Security Analytics, NIKSUN, Wireshark, or other information security tools.
  • Provides correlation and trending of cyber incident activity.
  • Develops threat trend analysis reports and metrics.
  • Supports Level 1 and 2 analysis, handling and response activity.
  • Maintains situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
  • Author Standard Operating Procedures (SOPs) and training documentation when needed.




Experience Sought
  • Ideally a minimum of 5 years of IT experience with at least 4 years of information security operations or incident response experience, and familiarity with the Cyber Kill Chain
  • Be a Subject Matter Expert in Vulnerability Assessment, Intrusion Prevention and Detection, Access Control and Authorisation, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Encryption, Web filtering, Advanced Threat Protection.
  • Experience with SIEM, IDS/IPS, Firewall, Web Application Firewalls, Data Loss Prevention (DLP) and Security Event Correlation
  • The ability to take the lead on incident research when appropriate and be able to mentor Tier 1 and 2 Analysts.




Must have at least one of the following security related certifications:
SANS - GCWN (Certified Windows Security Administrator); GSSP (Secure Software Programmer); GICSP (Global Industrial Cyber Security Professional)

ISC2 - CCSP (Certified Cloud Security Professional); CISSP (Certified Information Systems Security Professional); CISSP - ISSEP (Information Systems Security Engineering Professional); CISSP - ISSAP (Information Systems Security Architecture Professional); CSSLP (Certified Secure Software Lifecycle Professional); SSCP (Systems Security Certified Practitioner)

EC Council - ENSA (EC-Council Network Security Administrator); ECSP (EC-Council Certified Secure Programmer)



Ideally candidates may possess or have previously been certified in any of the following:

Cisco - CCNP; CCIE Security

Microsoft - MCSE

RedHat - RHCA; RHCE

VMware - VCA; VCP; VCAP; VCIX; VCDX



This job was originally posted as www.cwjobs.co.uk/job/79145694