Client Focused Cyber Incident Manager (SOC, IS)
One of the UK's leading Cyber Security Organizations is now seeking a Client Focused Cyber Incident Manager to join their growing team as they expand into larger markets with new and exciting solutions.
A bit about the client:
Our client prides themselves on delivering a professional service with a personal touch to organizations that range from 2 to 12,000 users. Their services range from Detect & Respond capabilities using a mix of SIEM and EDR solutions, to Penetration Testing and Information Security Consultancy.
The ideal candidate will excel in building relationships with clients, whilst having the IT / SOC knowledge and strong IT background to be able to create reports / documentation and implement solutions.
What are your responsibilities:
- Be the point of contact with clients: ensure SLAs for enterprise clients are met, with alert descriptions and recommended actions being of an acceptable standard and possible mitigation actions executed efficiently and at an advanced level, and document easy-to-understand penetration reports with security recommendations.
- Creating documentation for internal and external use: incident remediation and prevention, trend analysis, incident reports, log analysis, client reviews, service reviews etc.
- Conduct periodic security and network impact reviews for enterprise clients.
- Research, analyze and identify potential vulnerabilities and emerging threats, with the goal of creating detect & response rules to assist in visibility and response capabilities.
- Occasionally serve as Tier 3 level for high-threat technical and procedural escalations. Identify indicators of compromise and TTPs to generate and execute Threat Hunting capability, with the possible requirement of executing the incident response plans assigned to the solution to ensure the client's environment threats are eliminated/mitigated.
- A passion for information security and data security. This for us is always a number one attribute, that drive is what sees you through the end of those tough days (which hopefully there will not be many of).
- 5 years' experience minimum in Information Security AND/OR at least 2 years of SOC-based experience with a strong IT background.
- Demonstrated proficiency exercising a detailed depth and breadth of technical subject knowledge to key stakeholders within a client base of 5000+ users and upwards.
- Strong interpersonal and communication skills - being able to talk with clients efficiently and effectively.
- Knowledge/experience with multiple log sources (Firewall, Proxy, Windows Event Logs, Office 365 activity etc.)
- Working knowledge of Log Management/SIEM & EDR technology (e.g., Azure Sentinel, AlienVault, MS CloudApp Security, Carbon Black, MS Defender for Endpoint).
· Incident Response experience, establishing possible root cause and taking action to mitigate threats using a variety of possible solutions (Carbon Black and MS Defender for Endpoint for example).
· Security technology certifications (e.g., SANS (GCIA, GCIH, GSEC)).
· Experience with the Microsoft Solution Portfolio (Office 365, PowerBI etc.)
· Experience in automation methods and implementation.
· Experience with securing various environments.
As the successful Business Analyst, you will be offered a starting basic salary of £45,000 - £55,000 + Company Benefits, with training and development opportunities once settled in post.
To apply for this role, email your CV and examples of work to: Laura.Thompson@NetworkITR.co.uk