People Source Consulting are currently seeking a SOC Security Analyst to pick up a 12 month contract on an MOD Project. The SOC Security Analyst is critical for the deployed environment, ensuring that operational security processes are enacted at every level.
The Security Analyst reports to the Security Manager and is responsible for:
Detecting and responding to malicious behaviour across all platform components including workstations, servers, and network devices.
Optimising threat detection products for data loss prevention (DLP), security information and event management (SIEM), advanced email protection, endpoint detection and response (EDR), antivirus and intrusion prevention/detection systems.
Reviewing and responding to escalated security events.
Proactively hunting threats within the OpNET environment.
Writing detection signatures, tuning systems and tools, and developing automation scripts and correlation rules.
Maintaining knowledge of adversary tactics, techniques, and procedures (TTPs).
Conducting forensic analysis on systems and engaging third-party resources as required.
Ensuring incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.
Ensuring compliance to SLAs and KPIs, process adherence and process improvisation to achieve operational objectives.
Ensuring compliance to policy, process, and procedure adherence and process improvisation to achieve operational objectives.
Revising and developing processes to strengthen the DETECT and RESPOND delivery.
Initiation of corrective action where required.
Ensuring daily management, administration & maintenance of security devices to achieve operational effectiveness.
Creation of reports, dashboards, metrics for SOC operations and presentation to OpNET CISO and Security Working Group (SWG).
Co-ordination with stakeholders (both internally within DPS and externally with the CyISOCs), building and maintaining positive working relationships with them, and ensuring outputs are aligned.
Routine governance and compliance audits, and accreditation activities.
Required (minimum):
DV clearance (Essential prior to work starting)
Strong hands-on experience of a variety of SIEM and SOAR platforms (including SPLUNK, ELK, Elastic, Security Onion v2).
Hands-on experience with a variety of scanning tools, when required to investigate directly from those tools (tools including Nessus, Greenbone, Nipper, BMC Discovery, McAfee ePO, Tanium, Tripwire and WhatsUp Gold).
Experience in forensics, malware analysis, threat intelligence.
Ability to understand, modify and create threat detection rules within a SIEM.
Ability to correlate data from multiple data sources to create a more accurate picture of cyber threats and vulnerabilities.
Desirable qualifications:
SANS 504 - Incident Handling.
SANS 503 - Intrusion Analyst.
SANS 511 - Continuous Monitoring.
£500 - £600pd
12 month initial contract
Corsham base location with some flexibility.
People Source Consulting Ltd is acting as an Employment Business in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas.