SOC Analyst - 2nd line - Contract - Must have current DV Clearance
- When required perform initial triage/identification of 'Events of Interest' using the SOC toolset
- Complete analysis/correlation of 'Events of Interest' to identify incidents
- Ensure that all events, events of interest, exceptions and incidents are responded to in accordance with established SOC work instructions, including remedial action/recommendations.
- Create and follow Playbooks
- Complete post incident reporting.
- Provide log analysis to support SOC services (including threat hunting)
- Take responsibility for SOC work instructions, ensuring they are reviewed and amended.
- Maintain currency in security concepts, tools and best practices
- Produce reports (as per templates) and vulnerability/trending analysis as requested by the UK SOC Manager or key stakeholders.
- Present and review reports with internal and external key stakeholders
- Complete tooling configuration changes including but not limited to filters/tuning/dashboards as authorised.
- Carry out minor tool maintenance as directed by SOC lead engineer
- SIEM - ArcSight Analyst
- In depth knowledge of Intrusion Prevention Systems (Analysis)
- Firewall / Cisco ASA
- TCP/IP Fundamentals
- ITIL Fundamentals (or equivalent)
- CompTIA Security (or equivalent)
- CompTIA Network (or equivalent)
- Wireshark Packet Analysis
- SANS SEC401: Security Essentials (or equivalent)
- SANS SEC503: Intrusion Detection in-depth (or equivalent)
- SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (or equivalent)
Hours of work: 41.13 hours average per week, based on 12-hour shifts on a days and nights rotation with 2 free weekends per month.
Morgan McKinley is acting as an Employment Business in relation to this vacancy.
Please note that any references to salary or pay rates in this advertisement and in the salary refinement section are indicative only and should only be used as a guide.