Level 1 SOC Analyst

Company Description

Telefónica Tech (part of the Telefónica Group) is a leading NextGen Tech solutions provider with a highly diversified team of over 6,000 exceptionally skilled employees and +60 nationalities.

We serve more than 5.5m customers every day in over 175 countries, with a global ecosystem of market-leading partners. Global strategic hubs: Spain, Brazil, the UK, Germany.

The Telefónica Tech UK&I hub has an end- to-end portfolio of market leading services and develops integrated technology solutions to accelerate digital transformation through: Cloud, Data & AI (Adatis), Enterprise Applications (Incremental), Workplace Services and Cyber Security & Networking.

Values: Open, Trusted and Bold

Trusted Partners:

• Microsoft: Top 3 Service Providers, Azure Expert Status, Fastrack & Inner Circle Partner
• HPE: Platinum Partner – FY23 UK&I Solution Provider of the Year
• Palo Alto & Crowdstrike: part of our NextDefense Cyber Security Portfolio
• Fortinet: Elite VIP Program – one of only 2 in the UK
• AWS: Advanced Solution & Managed Service Provider Program

Job Description

Due to expansion, we’re now recruiting for a Cyber Security Analyst – L1. 

The Security Operation Centre (SOC) Information Security Analyst is the first level of monitoring in the SOC. The position monitors and responds to security events from managed customer security systems as part of a 24 x 7 Operation. This role is based on a 8x5 rota, aligned to one of our large health customers. 

Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management.  

You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Telefonica Tech is a fast-paced, entrepreneurial environment so to be successful you’ll need to be a pro-active individual, take direction well, communicate succinctly and collaborate effectively. 

Key Responsibilities 

• Monitor and triage alerts in the customer’s environment
• Identify and escalate critical incidents
• Communicate effectively with team members, management and stakeholders
• Recommend enhancements to SOC security process, procedures and policies. 
• Provide further detail on incidents should they arise, this can include, basic level sandboxing, IP reputation or further detailing of IOC’s. 
• Provide base level remediation e.g. blocking user accounts or isolating servers, using EDR/XDR
• Analyse and report on anomalous behaviour. 
• Determine and direct advanced remediation and recovery efforts (with assistance from tooling and/or Level 2)
• Investigate alerts using SIEM, data visualisation, pattern analysis and automation. 

Skills and Experience  

• Solid cyber security skills including SIEM knowledge
• Have the drive to dive deep into issues 
• Ability to identify security threats, trends and anomalies 
• Logical thinker and creative problem solver 

Qualifications

Required: SIEM Certifications, EDR Certifications (Defender or Crowdstrike)

Preferred: Sec+, CND etc