SOC Analyst (Mid level)

Location: Stevenage (onsite / shift patterns)

Duration: 6 month initial contract

Rate: 45ph UMB to 66ph UMB (Inside IR35)

Due to the nature of the role, candidates must be eligible for UK Eyes Only Security Clearance.

Our client, a leading defence company, are looking for a SOC Analyst to join their team in Stevenage. The successful applicant will drive a proactive ethos in an ever–changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC.

This role will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies.

• Effective Tier 1 to 2 alert triage of security events
• Monitoring of Cyber Security tools
• Monitoring the SOC email notification mailboxes
• Assists with the maintenance of MBDA Security technologies
• Assisting the SOC Solutions Lead with project activity
• Assist proactive threat hunting in collaboration with the CTI function
• Assist IR in HR and InfoSec related investigations
• Ensure the timely triage and remediation of any incident or request tickets raised to the SOC
• Participate in the activity of adding/removing URLs from the AcceptList and BlockList
• Attend routine security meetings
• Conduct activities in line with SOC Maturity and continuous improvement

• A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications.
• Knowledge of IT Security standard methodologies.
• Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S.
• Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools.
• Hands on experience with IDS/IPS technologies and threat hunting activities.
• Strong analytical experience and mind–set.
• Experience within Defensive Cyber–attack methodologies and frameworks.
• Understanding of Malware capabilities, attack vectors, propagation and impact.
• Good communication skills liaising with the business and suppliers.

• Root cause analysis and leading T2 incident investigations
• Process / Playbook / Runbook development
• Working knowledge of detection engineering, false positive improvements
• Capability to tune SIEM rules or create custom detections
• Scripted automation experience e.g. Python, SOAR, PowerShell
• Threat modelling and Hunting methodologies

Note, shift patterns applicable.

• (The shift pattern rotates each cycle – it may start with lates –> Nights –> earlies and the next cycle could be: Nights –> earlies –> lates). Initially you may not be expected to do nights until the team grows.
• 31.5 hours per week

Apply today via the link provided!