Enable job alerts via email!
SOC Threat Detection Analyst
Certain Advantage
Stevenage
On-site
GBP 80,000 - 100,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A leading defense organization in Stevenage is seeking SOC Threat Detection Analysts for an initial 6-month contract. The role requires experience in cyber security, particularly in threat detection and incident response. Analysts will support operational functions, monitor security events, and engage in proactive threat hunting. The position demands strong analytical skills and an understanding of network security. This role offers an hourly rate between £45 and £85, along with potential overtime. A proactive and flexible approach is essential within a rotating shift pattern.
Qualifications
- A career background in Cyber Security with awareness in multiple IT areas.
- Knowledge of IT Security standard methodologies.
- Experience with Security Information Event Monitoring Tools.
- Strong analytical skills and understanding of network protocols.
Responsibilities
- Support the SOC Manager in countering Cyber Threats.
- Monitor Cyber Security tools effectively.
- Assist with maintenance of security technologies.
- Engage in proactive threat hunting.
Skills
Tools
World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background.
Hourly Rate: £45ph - £85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter.
Contract Duration: 6 Months initially and long-term thereafter.
- 28 day Cycle
- Sat to Tue - Earliest (Apply online only)
- Wed to Sun - Off
- Mon to Fri - Lates (Apply online only)
- Sat to Tue Off
- Wed to Sun - Nights (Apply online only)
(The type of shift rotates along the pattern through, so the start of the next 28 day cycle they start with lates > Nights > earlies then next cycle: Nights > earlies > lates).
28 days = 4 weeks, 14 days worked per 28 days, 3.5 days worked per week, 3.5 x 8 = 28 hours per week. Initially may not be expected to do nights until team grows.
An opportunity has arisen in the cyber security operations centre (SOC) within Information Management (IM) for a SOC Threat Detection Analyst. Supporting the Senior SOC analysts in assisting IM meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos in an ever‑changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC.
To support the SOC Manager in assisting Information Management UK meet the challenges and demands of countering the Cyber Threat. Support for the operational functions of the UK SOC. To work with other UK SOC members, including the UK InfoSec Team and the IM Domains (Customer Support and Infrastructure / Information Systems). It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM, Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies.
- Effective Tier 1 to 2 alert triage of security events
- Monitoring of Cyber Security tools
- Monitoring the SOC email notification mailboxes
- Assists with the maintenance of Security technologies
- Assisting the SOC Solutions Lead with project activity
- Assist proactive threat hunting in collaboration with the CTI function
- Assist IR in HR and InfoSec related investigations
- Ensure the timely triage and remediation of any incident or request tickets raised to the SOC
- Participate in the activity of adding/removing URLs from the AcceptList and BlockList
- Attend routine security meetings
- Conduct activities in line with SOC Maturity and continuous improvement
- A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications.
- Knowledge of IT Security standard methodologies.
- Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S.
- Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools.
- Hands on experience with IDS/IPS technologies and threat hunting activities.
- Strong analytical experience and mind‑set.
- Experience within Defensive Cyber‑attack methodologies and frameworks.
- Understanding of Malware capabilities, attack vectors, propagation and impact.
- Good communication skills liaising with the business and suppliers.
- Root cause analysis and leading T2 incident investigations
- Process / Playbook / Runbook development
- Working knowledge of detection engineering, false positive improvements
- Capability to tune SIEM rules or create custom detections
- Scripted automation experience e.g. Python, SOAR, PowerShell
- Threat modelling and Hunting methodologies
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
