Senior SOC Analyst

East Lothian - Onsite

Description

Senior SOC Analyst - Public Sector - Edinburgh - Inside IR35

Day Rate - up to £650

Duration - 6 months

Harvey Nash's client is hiring a Senior SOC Analyst. As a Senior SOC Analyst you will work within the IT Security Team to remediate any potential threats identified in QRadar, taking ownership of each issue throughout its entire life cycle.

You will have extensive knowledge of the IBM QRadar and Resilient platforms, supporting the IT Security team in delivering a robust security monitoring capability.

Key responsibilities include:

  • In accordance with the established security event triage process, identify, document, categorise, investigate, resolve and escalate security incidents as required
  • Suggest improvements to the security incident handling process, implementing improvements as agreed
  • Support the development of playbooks within IBM Resilient, looking for opportunities for automated response where appropriate
  • Support the onboarding of new log sources, ensuring they are effectively tuned
  • Suggest and implement security management information reporting from the QRadar platform
  • Define secure data handling processes, up to and including forensic data
  • Define playbooks to support the most critical alerts
  • Define appropriate security dashboards with supporting documentation
  • Work with the appropriate IT team to remove false positives and network noise
  • Develop incident response plans and work to contain identified threats
  • Perform threat hunting activities using the tools available, and develop processes that support the team in performing these activities
  • Support vulnerability management processes, working with the appropriate teams to ensure remediation work is completed within SLA
  • Monitor Azure Security Center, ensuring any impact to the secure score is managed through to remediation or a defined and documented risk
  • Support the integration of additional log sources such as SEPM, SCEP, Illumio or external SIEM Incident feeds such as Azure Sentinel
  • Improve the security monitoring and incident triage skills of the IT Security team through regular knowledge sharing sessions and improvements to existing document sets

Skills & Experience Required

  • Experience of multiple Information Security and Cyber technical domains within a corporate environment
  • In depth hands-on experience of IBM QRadar and Resilient
  • Working knowledge of best-practice security standards and principles, e.g. ISO/IEC 27001, NCSC Cloud Security Principles, NIST
  • Previous experience coaching and providing feedback
  • Professional security qualification, e.g. CISSP, IBM Certified Deployment Professional - IBM QRadar SIEM, IBM Certified SOC Analyst - IBM QRadar SIEM
  • Exposure to Azure cloud security monitoring, including tooling, log collection and log analysis

Please note that a BPSS Clearance is required for this role.

Start date
ASAP
Duration
6 months
From
Harvey Nash Plc
Published at
23.07.2021
Project ID:
2169642
Contract type
Freelance