Senior SOC Analyst level 3
Posted a month ago
- South East London
- Any
- External
- Expires In 2 months
Help strengthen our team as our Senior SOC Analyst. Home based role.
A great opportunity to join our team as our Senior SOC Analyst to be responsible for handing security incidents received/escalated from the SOC Analyst (Tier 1 or Tier 2) and perform a business impact analysis on the security incident.
You will leverage a deep understanding of information security technologies, you will aid in triaging threat intelligence from multiple sources and add contextual information to the security incident, perform additional analysis and based on the business impact will recommend the response actions and escalation path.
You will be guided by Threat Intelligence which is actionable information (e.g. IOCs/TTPs), conduct threat hunting activities; leveraging and analyzing sources of information as available through the SIEM, in addition identify and investigate potential suspicious activity as well as helping organizations identify, isolate, and contain security issues.
You will also support the initial implementation of new security related Microsoft technologies, including Microsoft Sentinel, MDE, MDI and Defender for Cloud. As well as undertaking some devops tasks.
What You’ll Be Doing:
Oversee completion of day-to-day checklist(s), including log review, management report scheduling & running, alert analysis, and escalation follow up.
Perform advanced event and incident analysis, including baseline establishment and trend analysis.
Manage a number of analysts as part of a virtual team of L1 and L2 analysts, including objectives setting, performance management / reviews, training & development, and BAU activities including shift cover etc
Support on-call arrangements as part of a Rota, to support L1 Analysts working out of hours.
Support Major Incident Response activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security related threat.
Identify opportunities for SOC and client SIEM platform configuration improvements, use case development, monitoring rule creation, tuning & optimization.
Assist in architectural design to facilitate the onboarding of new information systems, including the assessment, parsing, onboarding of log sources, and use case and rule development.
What we’re looking for:
Level 3 SOC Analyst / Senior Cyber Security and security operations experience
Microsoft MDE, MDI, Sentinel, Lighthouse and DevOps experience
Experience of onboarding, tuning, reporting, and configuring SIEM solutions
Experience of threat intelligence
Leadership and mentoring experience and skills
Understanding of low-level concepts including operating systems and networking
Commercial experience in Penetration Testing and / or Security Monitoring
Understanding of networking and infrastructure design
Knowledge/experience of one or more System administration (Linux, Windows, Mac)
Cyber security degree or equivalent experience
Always remaining updated on new threats and developing security standards
Excellent interpersonal skills with the ability to explain technical problems to non-technical business stakeholders at all levels.
Strong written and oral communication skills
Active or ability to obtain SC clearance
Preferred Qualification:
SANS Certification
Experience with NIST assurance/EDR
IT Certifications, including Network+, Security+
Protective Monitoring / SOC Certifications, including CySA+
Cyber Security Certifications, including CISMP, CISSP
Experience with various Microsoft Technologies, including Microsoft Defender for Endpoint, Identity and Cloud
Experience with SIEM platforms, including IBM QRadar, Microsoft Sentinel and LogRhythm
In-depth experience with Microsoft Sentinel, including use case and rule development, workbook / playbook creation, KQL & Logic Apps / SOAR
Experience in managing Microsoft Sentinel as an MSSP, including Lighthouse, and management and multi-customer environments using DevOps
About Capita Technology and Software Solutions (TSS) and CISO
Capita Technology and Software Solutions (TSS) is a newly formed global shared service, responsible for delivering innovation and digital transformation for Capita’s businesses and clients. We work collaboratively with Capita’s divisions to shape the right digital technology solutions to help clients work differently, engage differently, sell differently and to be resilient to whatever next comes their way.
Within Policy, Governance and CISO our key capabilities are to define, implement and maintain pan-Capita Cyber, Information Security and IT Policies. Defining and implementing security strategy and providing appropriate governance, assurance, asset management, risk management, privacy and health safety, to maintain compliance requirements for TSS and the wider group.
What’s in it for you?
Opportunity to progress your career.
23 days’ holiday (rising to 27 days with length of service) with the opportunity to buy extra leave.
The opportunity to take a paid day out of the office, volunteering for our charity partners or a cause of your choice.
Access to our Employee Network Groups, which represent every strand of diversity and allow colleagues to connect and learn from each other on an open, inclusive platform.
Company matched pension, a cycle2work scheme, 15 weeks’ fully paid maternity, adoption, and shared parental leave and plenty more.
You’ll get the chance to follow your chosen career path anywhere in Capita. You’ll be joining a network of experienced, innovative, and dedicated individuals across multiple disciplines and sectors. There are countless opportunities to learn new skills and develop in your career, and we’ll provide the support you need to do just that.
A great opportunity to join our team as our Senior SOC Analyst to be responsible for handing security incidents received/escalated from the SOC Analyst (Tier 1 or Tier 2) and perform a business impact analysis on the security incident.
You will leverage a deep understanding of information security technologies, you will aid in triaging threat intelligence from multiple sources and add contextual information to the security incident, perform additional analysis and based on the business impact will recommend the response actions and escalation path.
You will be guided by Threat Intelligence which is actionable information (e.g. IOCs/TTPs), conduct threat hunting activities; leveraging and analyzing sources of information as available through the SIEM, in addition identify and investigate potential suspicious activity as well as helping organizations identify, isolate, and contain security issues.
You will also support the initial implementation of new security related Microsoft technologies, including Microsoft Sentinel, MDE, MDI and Defender for Cloud. As well as undertaking some devops tasks.
What You’ll Be Doing:
Oversee completion of day-to-day checklist(s), including log review, management report scheduling & running, alert analysis, and escalation follow up.
Perform advanced event and incident analysis, including baseline establishment and trend analysis.
Manage a number of analysts as part of a virtual team of L1 and L2 analysts, including objectives setting, performance management / reviews, training & development, and BAU activities including shift cover etc
Support on-call arrangements as part of a Rota, to support L1 Analysts working out of hours.
Support Major Incident Response activity, from a Protective Monitoring perspective, including supporting teams in identification, containment, and remediation of security related threat.
Identify opportunities for SOC and client SIEM platform configuration improvements, use case development, monitoring rule creation, tuning & optimization.
Assist in architectural design to facilitate the onboarding of new information systems, including the assessment, parsing, onboarding of log sources, and use case and rule development.
What we’re looking for:
Level 3 SOC Analyst / Senior Cyber Security and security operations experience
Microsoft MDE, MDI, Sentinel, Lighthouse and DevOps experience
Experience of onboarding, tuning, reporting, and configuring SIEM solutions
Experience of threat intelligence
Leadership and mentoring experience and skills
Understanding of low-level concepts including operating systems and networking
Commercial experience in Penetration Testing and / or Security Monitoring
Understanding of networking and infrastructure design
Knowledge/experience of one or more System administration (Linux, Windows, Mac)
Cyber security degree or equivalent experience
Always remaining updated on new threats and developing security standards
Excellent interpersonal skills with the ability to explain technical problems to non-technical business stakeholders at all levels.
Strong written and oral communication skills
Active or ability to obtain SC clearance
Preferred Qualification:
SANS Certification
Experience with NIST assurance/EDR
IT Certifications, including Network+, Security+
Protective Monitoring / SOC Certifications, including CySA+
Cyber Security Certifications, including CISMP, CISSP
Experience with various Microsoft Technologies, including Microsoft Defender for Endpoint, Identity and Cloud
Experience with SIEM platforms, including IBM QRadar, Microsoft Sentinel and LogRhythm
In-depth experience with Microsoft Sentinel, including use case and rule development, workbook / playbook creation, KQL & Logic Apps / SOAR
Experience in managing Microsoft Sentinel as an MSSP, including Lighthouse, and management and multi-customer environments using DevOps
About Capita Technology and Software Solutions (TSS) and CISO
Capita Technology and Software Solutions (TSS) is a newly formed global shared service, responsible for delivering innovation and digital transformation for Capita’s businesses and clients. We work collaboratively with Capita’s divisions to shape the right digital technology solutions to help clients work differently, engage differently, sell differently and to be resilient to whatever next comes their way.
Within Policy, Governance and CISO our key capabilities are to define, implement and maintain pan-Capita Cyber, Information Security and IT Policies. Defining and implementing security strategy and providing appropriate governance, assurance, asset management, risk management, privacy and health safety, to maintain compliance requirements for TSS and the wider group.
What’s in it for you?
Opportunity to progress your career.
23 days’ holiday (rising to 27 days with length of service) with the opportunity to buy extra leave.
The opportunity to take a paid day out of the office, volunteering for our charity partners or a cause of your choice.
Access to our Employee Network Groups, which represent every strand of diversity and allow colleagues to connect and learn from each other on an open, inclusive platform.
Company matched pension, a cycle2work scheme, 15 weeks’ fully paid maternity, adoption, and shared parental leave and plenty more.
You’ll get the chance to follow your chosen career path anywhere in Capita. You’ll be joining a network of experienced, innovative, and dedicated individuals across multiple disciplines and sectors. There are countless opportunities to learn new skills and develop in your career, and we’ll provide the support you need to do just that.
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
