Connecting...

W1siziisijiwmtgvmtivmtmvmdkvmjuvntavmziyl2ljdc5qcgcixsxbinailcj0ahvtyiisijiwmdb4nzawiyjdxq
Job

SOC Team Lead

  • Job ref:

    1200653/001_1659971061

  • Location:

    England

  • Sector:

    ICT

  • Job type:

    Contract

  • Salary:

    £600 - £700 per day

  • Contact:

    Tom McParland

  • Email:

    tmcparland@cbsbutler.com

  • Published:

    about 2 months ago

  • Duration:

    6 Months

  • Start date:

    ASAP

  • Consultant:

    #

SOC Team Lead - SC Cleared

6 Month Contract

£600 - £700 per day

Fully Remote

Insde IR35


Responsibilities:

  • Provide leadership to Security Operations Center Analysts & Engineers

  • Provide security monitoring and incident response of cyber security events in a highly available Security Operation Center (SOC) that supports internal and external customers

  • Respond to cyber security tickets and provide analysis and trending of security log data from security devices as well as various security tool portals

  • Monitor and analyze Security Information and Event Management (SIEM) alerts to identify security issues for remediation and investigate events and incidents

  • Monitor all security logs and events

  • Provide proactive "threat hunting" to detect incidents

  • Tune rules and thresholds to improve fidelity of alerts

  • Prepare reports of analysis and results to provide briefings to management and clients

  • Provide Incident Response support when analysis confirms actionable incident

  • Investigate, document, and report on information security issues and emerging trends.

  • Mentor junior staff and interns

Essential Skills:

  • Experience as a Senior Security Analyst leading a team or Analysts and Engineers

  • A minimum of 3-5 years as a senior SOC Analyst or Engineer working at a senior level

  • Strong stakeholder management

  • Experience with Security Operations Center, network event analysis and/or threat analysis

  • Experience working as an Incident Responder

  • Knowledge of various security methodologies and technical security solutions

  • Experience analyzing data from cybersecurity monitoring tools

  • Ability to analyze endpoint, network, and application logs

  • Experience tuning and/or configuring SIEM and vulnerability tools

  • Knowledge of common Internet protocols and applications

  • Scripting experience in Linux or PowerShell preferred

  • Appropriate security certifications (ie CISSP, Security+, CySA)