Role Description And Responsibilities
The successful candidate will be part of a large team of skilled cyber security analysts and incident responders who will deliver specialist cyber security capability to contracted clients. This consists of several security logging, security monitoring and security operations services; designed to detect external and internal cyber-attacks and vulnerabilities on the client systems and network infrastructure.
Required Skills And Qualifications
The Level 2 SOC Analyst performs individual tasks consistently and at an exemplary standard and is able to mentor Level 1 SOC Analysts in SOC processes and procedures.
Responsibilities
- Deliver security-based operational support for clients, in line with documented process and timeframe
- Classify and prioritize incidents based on established criteria
- Review the collected data and additional requested log sources then provide tactical recommendations
- Escalate any potential high visibility incident
- Handle communication to a mix of technical and non-technical client audience
- Research Threat or Security related news that could potentially impact a client
- Proactive hunting for threats in large volumes of data
- Generate scan schedules for vulnerability management and contribute to risk adjusted assessments
- Create custom reports based on the data gathered on a weekly/monthly basis
- Knowledgeable in updating a use case or playbook
- Document processes and process improvements
- Provide analytical and technical support to solve a wide range of complex security issues
- Raise support tickets and take ownership of issues through to completion
- Participate in open communication between team members
- Additional tasks will be given as the individual grows their skill
Key Competencies & Experience
- Degree in computer science or equivalent certifications/qualifications.
- Minimum 2 years of cyber security operations experience.
- Understanding of the different occurrences of incidents, scenarios and situations, including an understanding of evolving threat tactics, techniques and procedures.
- Good understanding and experience in either Incident Response, Vulnerability Management, Security Operations or Cyber Threat Intelligence.
- Good understanding of the cyber security landscape and security concepts.
- Good understanding of common protocols
- Good understanding of security event triage and incident handling processes
- Good understanding of packet analysis
- Foundational understanding of malware analysis
- Foundational understanding of vulnerability management, including scanning and reporting Foundational understanding in security architecture.
- Good understanding in the use of Security Information and Event Management and Endpoint Detection and Response tools is highly desirable.
Skills And Attitudes
- Willing to work in 24 x 7 environment.
- Commitment to continual improvement, education, personal development and a willingness to learn.
- Strong troubleshooting skills and ability to manage issues through to resolution.
- Maintains strong attention to detail in high-pressure situations.
- Ability to explain in written and spoken English.
- Strong ambition and ability to develop and expand cyber security services and product support.
