SOC Analyst

Are you in a Security Operations Centre and want more excitement, more of a challenge? Then just look at this!

We are searching for SOC Analysts to join our growing Security team in Sopra Steria's Aerospace Defence and Security sector. This incredible new journey will see you working with a growing team supporting enterprise scale clients. This role will require you to have proven experience working in a busy SOC with a tech-first approach.

The team that you will be joining is on the cusp of continued growth, so we are looking for hardworking individuals who can lead from the front. From a technical perspective, we are using Microsoft Sentinel, Splunk, and MISP Threat sharing, so any knowledge of these technologies would be a substantial benefit.

This role is based out of our head office in Hemel Hempstead and will work on a shift pattern with 12-hour shifts (Nights and Days).

You do need to be eligible for SC and DV Clearance.

We can offer great career progression opportunities, benefits which you can flex to meet your needs, and training and development opportunities.

What you'll be doing:

• Monitor, triage, and investigate security incidents on critical client infrastructure.
• In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities.
• Provide Incident Response support.
• Maintain, improve and develop team knowledge of SOC tools, security operations, and triage.
• Prepare reports for managed clients for both technical and non-technical audiences and continuously improve their content and presentation.
• Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies.

What you’ll bring:

• Demonstrable experience in a Security Operations Centre.
• Demonstrable experience of managing Microsoft Sentinel or Splunk implementations.
• Knowledge and experience with the Mitre Att&ck Framework.
• Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products.
• Deep technical knowledge in the analysis of log data and intrusion detection systems.
• Solid understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, and LDAP.

It would be great if you had:

• Understanding of static malware analysis and reverse engineering.
• CREST Practitioner Intrusion Analyst.
• Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar.

If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do apply; we’d love to hear from you!

Referral Bonus: £1500.00

Clearance: Eligible for SC and DV Clearance