Summary: The role involves Lead and Senior SOC Analyst positions requiring high-level Security Clearance, based fully onsite near Milton Keynes with a 24/7 shift rota. Analysts will monitor systems for security incidents, perform incident triage, and manage initial incident responses. The position demands strong problem-solving skills and experience with security tools, particularly SPLUNK, within a Security Operations Centre. Candidates with prior high-level security clearance are encouraged to apply, with a security clearance process that may take a minimum of 10 weeks.
Key Responsibilities:
- Continuous Monitoring: Monitor security tools, including SIEM systems, to detect suspicious activity.
- Incident Triage: Analyse alerts and logs to determine if an event is a genuine security incident or a false positive.
- Initial Incident Response: Perform initial containment actions for confirmed incidents and escalate as necessary.
- Reporting and Documentation: Create detailed tickets and reports for all detected incidents.
- Tool Management: Assist in the maintenance and optimisation of security tools.
Key Skills:
- Excellent problem-solving abilities and strong attention to detail.
- Experience of SPLUNK within a Security Operations Centre (SOC).
- Bachelor's degree in computer science, Cyber Security, Information Technology, or a related field preferred.
- Foundational understanding of networking concepts, operating systems, and common cyber-attack techniques.
- Certifications like CompTIA Security+, Cybersecurity Analyst (CySA+) are a bonus.
Salary (Rate): undetermined
City: undetermined
Country: undetermined
Working Arrangements: on-site
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
We have a number of Lead and Senior SOC Analyst roles requiring a high level of Security Clearance. The roles will be based fully onsite near to Milton Keynes covering a 24/7 shift rota.
You will be a part of a 24/7 team responsible for monitoring our systems, detecting potential security incidents, and initiating the incident response process.
Key Responsibilities
Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined processes.
Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritise incidents.
Initial Incident Response: For confirmed incidents, you'll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst for deeper investigation.
Reporting and Documentation: You'll create detailed tickets and reports for all detected incidents, documenting your findings and the steps you took. This is crucial for tracking incidents and for future analysis.
Tool Management: You will assist in the maintenance and optimisation of security tools, ensuring they are working correctly and effectively.
Essential skills & experience include:
- Excellent problem-solving abilities, strong attention to detail, and the capacity to work under pressure. You should be a strong communicator, both written and verbal, and be comfortable working in a team environment.
- Experience of SPLUNK within a Security Operations Centre (SOC).
Education: A bachelor's degree in computer science, Cyber Security, Information Technology, or a related field is preferred. Relevant experience may be substituted for a degree.
Knowledge: You should have a foundational understanding of networking concepts (TCP/IP, DNS, etc.), operating systems (Windows, Linux), and common cyber-attack techniques.
Certifications: While not required, certifications like CompTIA Security+, Cybersecurity Analyst (CySA+), or a similar certification are a significant bonus to the role.
Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
