SOC Lead
Job ref: CDI - 1200653_1659623160
Location: England
Salary: £600 - £700 per day
Contact: Ciaran Digney
Published: 6 months ago
Duration: 6 months
Start date: ASAP
Job title: SOC Team Lead
Location: Fully Remote
Contract: 3 Months
Rate: £600 - £700 per day, inside IR35
SC (Security Check) clearance is required for this role
I am looking for a SOC lead for a client of mine, an IT systems integrator operating within the UK defence sector. It is a fully remote role on an initial 3 month contract.
Responsibilities
* Provide leadership to Security Operations Center Analysts & Engineers
* Provide security monitoring and incident response for cyber security events in a highly available Security Operations Center (SOC) that supports internal and external customers
* Respond to cyber security tickets and provide analysis and trending of security log data from security devices as well as various security tool portals
* Monitor and analyse Security Information and Event Management (SIEM) alerts to identify security issues for remediation and investigate events and incidents
* Monitor all security logs and events
* Provide proactive "threat hunting" to detect incidents
* Tune rules and thresholds to improve fidelity of alerts
* Prepare reports of analysis and results to provide briefings to management and clients
* Provide Incident Response support when analysis confirms an actionable incident
* Investigate, document, and report on information security issues and emerging trends
Essential Skills
* Experience as a Senior Security Analyst leading a team of Analysts and Engineers
* A minimum of 3-5 years as a senior SOC Analyst or Engineer
* Strong stakeholder management
* Experience in a Security Operations Center, including network event analysis and/or threat analysis
* Experience working as an Incident Responder
* Knowledge of various security methodologies and technical security solutions
* Experience analysing data from cybersecurity monitoring tools
* Ability to analyse endpoint, network, and application logs
* Experience tuning and/or configuring SIEM and vulnerability tools
* Knowledge of common Internet protocols and applications
* Scripting experience (Linux shell or PowerShell) preferred
* Appropriate security certifications (e.g. CISSP, Security+, CySA+)
If you are interested in this role or wish to apply, please feel free to reply to this advert or call me on 01737 821029 or 07766 512829.
