Senior Security Event Analyst
-
Job ref:
1169486/001_1565184327
-
Location:
Bristol, England
-
Sector:
-
Job type:
-
Salary:
£400 - £450 per day
-
Contact:
Tom Barrett
-
Email:
-
Published:
over 1 year ago
-
Duration:
3 Months
-
Start date:
ASAP
Senior Security Event Anaylst
Location: Bristol
Duration: 3 Months
Rate: £400 - £500
SC Clearance is required for this role
Responsibilities:
Analyse network, application and system events in order to identify any potentially abnormal system behaviours and raise them as incidents for investigation.
Perform and lead proactive analysis across client networks from knowledge of current threats and trends.
Maintain and update the training plans for all security event analysts.
Ensure all operational incidents, on-going tickets and relevant information is handed over to the oncoming shift in an effective and efficient manner, using the shift handover process and documentation (HOTO).
Ensure all tickets are quality checked before release to the customer.
Provide continuous support, updates and recommended courses of action for on-going incidents raised within the SOC.
Ensure sufficient staffing levels are available to meet the minimum staffing requirements of your shift to maintain 24/7/365 operations, advising the Principal Analyst/Head of Cyber Operations of any shortfalls at the earliest opportunity.
Manage shift training, user awareness, mandated security education as required or specified and promote additional professional furtherance amongst your shift.
Act as the shift protective monitoring and SIEM SME.
Produce operational reporting to support both customer and internal information exchanges and briefing and awareness requirements.
Maintain a broad and current understanding of evolving threats and vulnerabilities to ensure the maintenance of the security of our client networks.
Sustain and manage the direct line management, coaching and mentoring of shift personnel.
Continually assess and maintain the SOC.
Skills:
Experience in cyber security including protective monitoring and incident response, e.g. GIAC GMON, GCIA, GCIH or equivalent experience
SIEM (LogRhythm, Arcsight, Splunk, etc) and IDS (Snort) experience
Network security
Excellent communications skills
Mentoring and coaching
Ability to gain SC Clearance
Desirable Skills:
Intrusion Detection In-Depth
Hacker Tools, Techniques, Exploits, and Incident Handling
Continuous Monitoring and Security Operations
Knowledge of security appliances, e.g. FireEye, SourceFire, NIKSUN, Bluecoat, etc.
Report Writing
ITIL v3 Foundation in Service Management
Threat intelligence
