Security Operations Analyst (Tier 1)

Recruiter
Advanced
Location
Slough
Posted
16 May 2018
Closes
15 Jun 2018
Contract Type
Permanent
Hours
Full Time
Job Description

Job Summary:

The purpose of this role is to monitor and investigate SIEM security events and to respond to, triage and contain customer security incidents. The analyst will be responsible for the incident handling life cycle from initial response, analysis, triage and coordination of remediation activity through to closure, including any necessary reporting and advice to the appropriate customer teams. The analyst will work on a 24 x 7 SOC shift rota (days and nights) and operate within all applicable policies, laws and regulations.

Primary Responsibilities:

  • 24 x 7 protective security monitoring
  • Security Incident & Event Management (SIEM) support
  • Incident response, triage, and containment
  • Endpoint security management
  • Security tools support
  • Change management

Desired Core Technical Skills/Knowledge:

  • CompTIA Security+ certified or equivalent
  • CompTIA Network+ certified or equivalent
  • SolarWinds Log and Event Manager experience
  • Anti-virus / anti-malware systems (McAfee EPO, Ivanti, Symantec) experience
  • Forcepoint web filtering, DLP, email security experience
  • Experience of Microsoft technologies – Windows Server and Workstation OS (Server 2012/16, Windows 10 etc), Active Directory, Office 365
  • Knowledge of OSI reference model and networking fundamentals
  • Cisco Firewall & Firepower (or SourceFire) IPS
  • Knowledge of ITIL (foundation level)
  • Linux/Unix Skills

Additional Skills:

  • Experience working within complex global hybrid environments
  • Hands on experience with SolarWinds or similar SIEM technologies
  • Proven experience in security incident handling, response and remediation
  • Possess functional knowledge and administrative experience on Windows and Unix/Linux Platforms
  • Understanding of ITIL incident management, change management and problem management processes
  • Wider Cyber Security exposure, technical and non-technical
  • Understanding of malware / anti-malware techniques, exploits, attack vectors and defensive / preventative measures
  • Knowledge of how firewalls, web and email gateways and IDS/IPS operate
  • Ability to understand and correlate information and events across multiple log types and sources
  • Experience analysing computer and network threats, anomalies or APT activity
  • Experience analysing and containing phishing email attacks
  • An understanding of TCP/IP and networking technologies, packet analysis, routers etc
  • Previous security operations centre (SOC) experience is desired, but candidates from other IT backgrounds, with a passion for cyber security will also be considered

This job was originally posted as www.totaljobs.com/job/81467309
