Cyber Security Specialist
Swinton, England, United Kingdom
Applications have closed
You will work alongside other Cyber Security Engineers, including Senior Cyber Security Engineers responsible for managing and improving our SIEM and security platforms to meet the requirements of the business and is expected to think beyond a conventional SIEM approach and seek to enhance the security suite to a comprehensive automation and orchestration capability.
Requirements
- You will assist in establishing and maintaining processes, tooling and metrics that help provide a high level of productivity, supportability, and operational readiness while also participating in project planning activities such as service enhancements and change management controls.
- You will work with the technical lead / SME for the CSOC and SIEM service offering by managing and improving the platforms to meet the requirements of the business and/or client.
- Configure and develop SIEM tooling, and associated tool sets, to deliver effective and efficient SOC services through automation and orchestration, and to increase MTTD whilst reducing false positives and negatives.
- Ensure all security platforms are optimised to detect and prevent security threats across all on-prem and cloud environments to meet business objectives and regulatory requirements
- Provide technical oversight and support for the identification, triage and response to events or incidents of a suspicious or malicious nature, and apparent security breaches.
- Act as a technical escalation point for SOC Analysts and Senior SOC Analysts in delivery of our CSOC services.
- You will work collaboratively with architects, infrastructure teams and key stakeholders inside and out of the business ensuring security and monitoring requirements are determined and implemented through onboarding or continuous improvement activities
- Actively support the onboarding of new clients throughout the transition to service delivery lifecycle.
- Deliver a variety of projects including planning and execution of changes, documentation, including training, skills and knowledge transfer to the team and clients.
- Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs and vulnerabilities
Essential
- Excellent soft skills in the form of team working, problem solving and communication
- You are a self-starter, keen to develop new services and can collaborate effectively
- Technical experience in a Security Operations Centre, Incident Response Team or similar environment
- Experience with a variety of SIEM platforms, ideally Azure Sentinel, and monitoring tools, configuration management tools, host virtualisation, containerisation, vulnerability scanners, proxies, WAFs
- An in-depth knowledge of log formats, log transports and log analysis as well as automating log ingestion and normalisation in a SOC environment
- The ability to perform analysis of log files from a variety of sources (e.g. individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security
- Experience, either within a ‘lab’ or business context of using SIEM tools, tuning tools to reduce false positives · Strong technical skills with experience in intrusion analysis and investigation using a variety of security tools (SIEM, EDR, DLP, AV, Snort, Wireshark, TCPdump etc.)
- A thorough understanding of internet communications protocols and in-depth packet analysis, including knowledge of how these protocols are commonly secured
- Awareness of cyber-attack techniques and how protective monitoring systems can be used for detection, mitigation, remediation and protection
- An understanding of Cyber Incident Response and how to identify if an incident has occurred and how to assess and limit the impact it may have
- One or more of the following industry certifications: CEH, GCIA, GCIH, GSEC, Security+, GCT
Benefits
For our UK benefits package, please click here.
All recruitment and selection for Content+Cloud is guided by the principles of our Employment Equity Plan.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Azure CEH Cloud EDR Firewalls GCIA GCIH GSEC IDS Incident response Intrusion detection Log analysis Log files Monitoring Network security SIEM Snort TTPs Vulnerabilities
Perks/benefits: Equity Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs