Cyber Security Specialist
Swinton, England, United Kingdom
You will work alongside other Cyber Security Engineers, including Senior Cyber Security Engineers responsible for managing and improving our SIEM and security platforms to meet the requirements of the business and is expected to think beyond a conventional SIEM approach and seek to enhance the security suite to a comprehensive automation and orchestration capability.
- You will assist in establishing and maintaining processes, tooling and metrics that help provide a high level of productivity, supportability, and operational readiness while also participating in project planning activities such as service enhancements and change management controls.
- You will work with the technical lead / SME for the CSOC and SIEM service offering by managing and improving the platforms to meet the requirements of the business and/or client.
- Configure and develop SIEM tooling, and associated tool sets, to deliver effective and efficient SOC services through automation and orchestration, and to increase MTTD whilst reducing false positives and negatives.
- Ensure all security platforms are optimised to detect and prevent security threats across all on-prem and cloud environments to meet business objectives and regulatory requirements
- Provide technical oversight and support for the identification, triage and response to events or incidents of a suspicious or malicious nature, and apparent security breaches.
- Act as a technical escalation point for SOC Analysts and Senior SOC Analysts in delivery of our CSOC services.
- You will work collaboratively with architects, infrastructure teams and key stakeholders inside and out of the business ensuring security and monitoring requirements are determined and implemented through onboarding or continuous improvement activities
- Actively support the onboarding of new clients throughout the transition to service delivery lifecycle.
- Deliver a variety of projects including planning and execution of changes, documentation, including training, skills and knowledge transfer to the team and clients.
- Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs and vulnerabilities
- Excellent soft skills in the form of team working, problem solving and communication
- You are a self-starter, keen to develop new services and can collaborate effectively
- Technical experience in a Security Operations Centre, Incident Response Team or similar environment
- Experience with a variety of SIEM platforms, ideally Azure Sentinel, and monitoring tools, configuration management tools, host virtualisation, containerisation, vulnerability scanners, proxies, WAFs
- An in-depth knowledge of log formats, log transports and log analysis as well as automating log ingestion and normalisation in a SOC environment
- The ability to perform analysis of log files from a variety of sources (e.g. individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security
- Experience, either within a ‘lab’ or business context of using SIEM tools, tuning tools to reduce false positives · Strong technical skills with experience in intrusion analysis and investigation using a variety of security tools (SIEM, EDR, DLP, AV, Snort, Wireshark, TCPdump etc.)
- A thorough understanding of internet communications protocols and in-depth packet analysis, including knowledge of how these protocols are commonly secured
- Awareness of cyber-attack techniques and how protective monitoring systems can be used for detection, mitigation, remediation and protection
- An understanding of Cyber Incident Response and how to identify if an incident has occurred and how to assess and limit the impact it may have
- One or more of the following industry certifications: CEH, GCIA, GCIH, GSEC, Security+, GCT
For our UK benefits package, please click here.
All recruitment and selection for Content+Cloud is guided by the principles of our Employment Equity Plan.
Other jobs like this
Explore more Cyber Security career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.
- Open Application Security Engineer/Architect jobs
- Open Lead Security Engineer jobs
- Open Penetration Tester jobs
- Open Cyber Security Engineer jobs
- Open Senior DevSecOps Engineer jobs
- Open Cyber Threat Intelligence Analyst jobs
- Open Senior Security Operations Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Vulnerability Analyst jobs
- Open Staff Application Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Engineer jobs
- Open SOC Analyst jobs
- Open Cyber Security Analyst jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Automation Specialist jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Offensive Security Engineer jobs
- Open Information Security Officer jobs
- Open Head of Information Security jobs
- Open Information System Security Officer (ISSO) jobs
- Open Azure Security Engineer jobs
- Open Cloud Security Operations Lead jobs
- Open DevOps-related jobs
- Open Analytics-related jobs
- Open Audits-related jobs
- Open PCI-related jobs
- Open Application security-related jobs
- Open OWASP-related jobs
- Open Threat intelligence-related jobs
- Open Clearance-related jobs
- Open IDS-related jobs
- Open Security assessments-related jobs
- Open Forensics-related jobs
- Open Ruby-related jobs
- Open Splunk-related jobs
- Open Encryption-related jobs
- Open CEH-related jobs
- Open Open Source-related jobs
- Open CISM-related jobs
- Open GDPR-related jobs
- Open OSCP-related jobs
- Open Threat detection-related jobs
- Open Machine Learning-related jobs
- Open Intrusion detection-related jobs
- Open Docker-related jobs
- Open Agile-related jobs