SOC Analyst

Posted a month ago

  • London, Greater London
  • Any
  • External
  • Expired - 2 months ago
SOC Analysts have responsibility for leading incident response efforts, monitoring security events, analysing logs and data for threats, providing proactive threat intelligence, managing security tools, preparing comprehensive incident reports, conducting security assessments, coordinating incident handling, promoting security awareness, and driving continuous improvement within the SOC. The role is crucial in protecting the organisation and enhancing security operations to mitigate risks effectively.

Objectives and Key Results

The key objectives will be to:
  • Be responsible for incident analysis, classification and response actions, including notification and alerting.
  • Monitor for possible security incidents, using knowledge of attack types and standard protocol behaviour to classify incidents, comment, and provide advice on mitigation or remedial actions to clients.
  • Work with other SOC analysts, the Shift Lead, Senior SOC Analysts and the SOC Team Lead on any delegated tasks. This may include mentorship, rule tuning, threat hunting, reports and service improvements.

Essential Duties and Responsibilities
  • Conduct incident triage on new tickets in line with established triage SLAs.
  • Raise incidents to customers as appropriate, in line with established notification SLAs.
  • Escalate incidents to a Level 1 SOC Analyst or Shift Lead as appropriate.

About You

Behavioural Competencies – Organisational and Behavioural
  • Ability to multi-task, prioritise, and manage time effectively
  • Strong attention to detail and intellectually curious
  • Excellent interpersonal skills and professional demeanour
  • Excellent verbal and written communication skills
  • Proficient in Microsoft Office applications
  • Candidate must be eligible to obtain Security Clearance
  • Bachelor's degree in a related field or equivalent demonstrated experience and knowledge
  • Knowledge of various security methodologies and processes, and technical security solutions (firewall, SIEM and intrusion detection/prevention systems, vulnerability scanners, etc.)
  • Knowledge of TCP/IP protocols, network analysis, and network/security applications; a good background in network troubleshooting and technologies: firewall configuration, monitoring, network packet capture (tcpdump/Wireshark), etc.
  • Excellent understanding of commonly used Internet protocols such as SMTP, HTTP, and DNS
  • Incident Response: Strong knowledge and experience in handling security incidents, including identifying, analysing, and responding to security events in real-time
  • Intrusion Detection and Prevention Systems (IDS/IPS): Familiarity with IDS/IPS technologies, their configuration, and their use in monitoring and protecting networks from potential threats
  • Threat Intelligence: Understanding of threat intelligence feeds and their application in identifying and mitigating potential threats, as well as the ability to leverage threat intelligence platforms effectively
  • Malware Analysis: Familiarity with basic malware analysis techniques, such as static and dynamic analysis, to identify and understand the behaviour of malicious software
  • Vulnerability Management: Experience with vulnerability scanning tools, knowledge of common vulnerabilities and exposures (CVEs), and the ability to prioritise and remediate vulnerabilities effectively
  • Endpoint Security: Understanding of endpoint protection technologies (antivirus, host-based intrusion detection systems, etc.) and the ability to monitor and respond to security events on endpoints
  • Secure Network Architecture: Knowledge of secure network design principles, including segmentation, DMZ, VPNs, and network access controls
  • Threat Hunting: Ability to proactively search for signs of potential threats or security breaches within the network environment using various techniques and tools
  • Cloud Security: Understanding of cloud security concepts, including secure configuration, identity and access management (IAM), and monitoring of cloud environments
  • Security Standards and Frameworks: Familiarity with industry security standards and frameworks such as NIST Cybersecurity Framework, ISO 27001, and CIS Controls

In addition, the following are highly desirable:
  • Cyber Security Training Certifications, including:
      • SANS
      • CREST
      • CompTIA Network+, Linux+, Security+, CySA+, CASP+
      • Microsoft Azure Fundamentals (AZ-900) and Security Operations Analyst (SC-200)
      • AWS Certified Cloud Practitioner and Certified Security Speciality
      • Blue Team Level 1 and Level 2
  • Experience of ticketing systems to manage communication with customers
  • Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false positives

Here at Claranet we pride ourselves on going the extra mile for and with our employees (yes, we really mean it). We offer an extensive benefits package that you can tailor to your needs, inclusive of a matching contribution pension scheme, healthcare, insurance, dental, discounted gyms and app-supported benefit access.

But what we think makes us different is 'Team Claranet,' our dedicated internal part of the business that supports you with matters close to your heart. We proudly support local charities in each of our office locations, support employees with paid charity leave, organise a key charity fundraising event per year and have a dedicated committee responsible for supporting employees' fundraising efforts.

Claranet are one of the 10 founding members of TC4RE (Technology Community for Racial Equality). Being a part of a group of leading UK technology organisations, we are dedicated to building a more diverse and inclusive workforce. We are also very proud members of Tech Talent Charter, a government-supported, industry-led membership group created to address the UK's tech talent shortage and diversity gap through collective action.