
SOC Lead

Job title: SOC Team Lead
Location: Fully Remote
Contract: 3 Months
Rate: £600 - £700 per day inside IR35

SC security clearance is required for this role

I am looking for a SOC lead for a client of mine who are an IT systems integrator operating within the UK defence sector. It is a fully remote role on an initial 3-month contract.

Responsibilities
* Provide leadership to Security Operations Center Analysts & Engineers
* Provide security monitoring and incident response of cyber security events in a highly available Security Operations Center (SOC) that supports internal and external customers
* Respond to cyber security tickets and provide analysis and trending of security log data from security devices as well as various security tool portals
* Monitor and analyse Security Information and Event Management (SIEM) alerts to identify security issues for remediation and investigate events and incidents
* Monitor all security logs and events
* Provide proactive "threat hunting" to detect incidents
* Tune rules and thresholds to improve fidelity of alerts
* Prepare reports of analysis and results to provide briefings to management and clients
* Provide Incident Response support when analysis confirms an actionable incident
* Investigate, document, and report on information security issues and emerging trends


Essential Skills
* Experience as a Senior Security Analyst leading a team of Analysts and Engineers
* A minimum of 3-5 years as a senior SOC Analyst or Engineer working at a senior level
* Strong stakeholder management
* Experience with Security Operations Center, network event analysis and/or threat analysis
* Experience working as an Incident Responder
* Knowledge of various security methodologies and technical security solutions
* Experience analysing data from cybersecurity monitoring tools
* Ability to analyse endpoint, network, and application logs
* Experience tuning and/or configuring SIEM and vulnerability tools
* Knowledge of common Internet protocols and applications
* Scripting experience in Linux or PowerShell preferred
* Appropriate security certifications (e.g. CISSP, Security+, CySA+)

If you are interested in this role or wish to apply, please feel free to reply to this advert or call me on 01737 821029 or 07766 512829.