Description
Cyber Security Operations Analyst - Outer London - Government
Pay Rate: £292 per day
Contract Length: 6 months initially
Location: Outer London, Hendon
Clearance: SC - Security Cleared
*PLEASE READ THE JOB DESCRIPTION CAREFULLY AND ONLY APPLY IF YOU SATISFY THE RELEVANT CRITERIA; APPLICATIONS THAT FAIL TO DO SO CANNOT BE CONSIDERED.*
Experience required
1. Have a strong IT technical background and experience working in a SOC environment.
2. Functional experience performing monitoring, analysis and recovery procedures for security technologies.
3. Has carried out minor investigations and understands the process for conducting an investigation.
4. Has utilised toolsets for analysis such as, but not limited to, SIEMs (eg Splunk, ELK, LogRhythm, McAfee, IBM QRadar, etc.), IDS/IPS (network- and host-based), NAC, FIM, DLP, vulnerability management tools, network monitoring tools, cyber security case management (eg ServiceNow), etc.
5. Functional knowledge of TCP/IP protocol suite, LAN/WAN technologies, switching, routing, VoIP and Telephony technologies, Firewalls and VPN, intrusion prevention systems (IPS), vulnerability assessment and patch management tools.
6. Functional knowledge of UNIX, Linux, Apple and Windows technologies.
7. Functional knowledge of operating protocol analysers and analysing output.
Additional qualifications for this role
Active CISSP, SSCP, SANS certifications, Security or equivalents
Knowledge of APIs (eg RESTful), JSON, Query String Query, and Python (or similar).
Additional Info:
Working within a CSOC. MUST HAVE EXPERIENCE WITH THE ELK STACK.
Experience in Business Change/Operations/PMO/PM. Help on-board new toolsets.
Protective monitoring.
Experience in IT; understanding of BPO and data analysts.
Help build processes in department.
Essential Experience: ELK. CSOC environment. Experience in ServiceNow.
Desirable Experience: ServiceNow security bolt-on.
Key tasks and deliverables
As a SOC Analyst, your role on the team will include leveraging your knowledge of industry best practices, good judgement and problem-solving skills to execute security operations.
In this position you will be:
- Working as part of a team, monitoring and investigating security events from monitored IT systems so that potential attacks can be detected.
- Providing situational security awareness by combining information from a variety of systems, performing analysis of log files, normalising and correlating the information, and triaging security alerts.
- Monitoring the health of monitoring tools and working with other teams to configure their policies and signatures.
- Checking system vulnerabilities and recommending remedial action to be taken.
- Identifying suspicious and anomalous activities, and collecting data and context necessary to initiate Tier 2 activities.
- Ensuring that all security monitoring systems and consoles are monitored diligently and timely.
- Continuously seeking to identify potential service and tool improvements.
Description
Develop plans to safeguard computer files against accidental or unauthorised modification, destruction, or disclosure and to meet emergency data processing needs. Confer with users to discuss issues such as computer data access needs, security violations, and programming changes. Monitor current reports of computer viruses to determine when to update virus protection system. Modify computer security files to incorporate new software, correct errors, or change individual access status. Coordinate implementation of computer system plan with establishment personnel and outside vendors.
Please Quote Ref - JSCP0071