SOC Analyst (Level 2) in UNITED KINGDOM

SOC ANALYST (LEVEL 2)

$90K-$100K BASIC SALARY (GBP OR EURO EQUIVALENT)

100% REMOTE WORKING

Suitable candidates must be a UK or Irish National - no sponsorships/visas will be accepted for this role.

Our client is a global leader in the ReInsurance space, based in Connecticut, USA and they are looking for a Level 2 Analyst with experience of working for an MSSP to join their growing team of cyber professionals on an ongoing contract basis.

Although the client is based in the USA, the contract will be working on projects for UK based clients, so there will be no expectation to work alternative hours to match the USA timezone. Due to the location of the client, the salary is being quoted as USD, but will be converted to GBP or Euros, as required by the candidate.

RESPONSIBILITIES

The Security Analyst is responsible for providing security support as a member of the IT Security team. This includes the primary responsibility of monitoring and providing ticket responses for the entire Group enterprise as it relates to security.

Activities shall encompass ServiceNow ticket review and resolution/escalation. In addition, analysis and response of user-reported Phishing emails, troubleshooting and reporting, escalating and coordinating activities related to security issues.

This includes incident response activities, when necessary, in coordination with our Incident Response Plan (IRP). Other IT security responsibilities include Web Content Filtering, Microsoft Defender ATP, Carbon Black Protection (Bit9) and other security-related product support, as well as support to end-users.

Essential Duties

• Monitor, analyze, and troubleshoot system/application/network activity using a variety of tools including but not limited to:
• SIEM
• Endpoint Detection & Response Tools
• Application Whitelisting
• Endpoint and Network Monitoring
• Act as the first responder to tier 1 and tier 2 tickets and escalate as needed
• Monitor and analyze endpoint behaviour as related to security
• Coordinate all work through the use of a designated ticketing system (currently ServiceNow)
• Provide after-hours support as necessary
• Analyze SOC tickets and respond/escalate as needed
• Communicate and coordinate with disparate technology groups to facilitate troubleshooting efforts
• Provide support for cyber security with security incident investigations and corrective actions
• Augment the IT Security team to provide communications to the customer and senior management, and coordinate efforts among various IT Groups
• Assist in shifting non-security workloads to other IT teams

Skills, Knowledge & Abilities

ESSENTIAL

• 12-18 months experience in a SOC role working for an MSSP.
• Strong EDR & SIEM experience
• Attentiveness to detail, well-organized, and managing time efficiently
• Great teamwork and ability to communicate with others including non-technical users
• Familiarity with the MITRE ATT&CK Framework
• Knowledge of common Threat Actors, and related TTPs (LOLBIN’s, etc.)
• Experience with triaging security alerts and incidents end-to-end

PREFERRED EXPERIENCE

• IR and/or Threat Hunting Experience
• Experience with some scripting technologies (PowerShell, Python)
• Familiarity with cloud technologies (Azure)
• Familiarity with Active Directory