2nd Line Cyber Security Analyst

Role: 2nd Line Cyber Security Analyst

Location: Corsham

Length of Contract: Up to March 2023

Rate of Pay: Please apply for further details 

Working Pattern: Days (Flexibility to cover shifts for holidays and sickness)

Security Clearance: Current DV Clearance

Travel: General Travel to other sites when required

An exciting opportunity has arisen for a 2nd Line Analyst with our client based in Corsham.

The role of the 2nd Line Analyst will be an escalation point for all SOC operational activity. The successful candidate will be responsible for the day to day monitoring of multiple security devices, including SIEM, IDS/IPS etc, ensuring that all customer SLAs are met.

You will be required to work as part of the SOC team ensuring all SOC operational tasks are completed on time and work tickets updated/closed with satisfactory technical details included.

The 2nd Line Analyst will be comfortable at a technical level, often being required to attend technical workshops and customer briefings/service reviews.

All Analysts are expected to be able to present and write professional reports to key stakeholders and exercise good time management.

· Maintain currency in security concepts, tools and best practices

· When required perform initial triage/identification of ‘Events of Interest’ using a range of monitoring and detection tools.

· Complete analysis/correlation of ’Events of Interest’ to identify incidents

· Ensuring that all events, events of interest, exceptions & incidents are responded to in accordance with established SOC work instructions, including remedial action/recommendations.

· Responsible for maintaining SOC work instructions - reviews & amendment.

· Maintain currency in security concepts, tools and best practices

· Produce reports (as per templates) & vulnerability/trending analysis as requested by UK SOC Manager or key stakeholders.

· Present & review reports to internal & external key stakeholders

· Complete tooling configuration changes including but not limited to filters/tuning/dashboards as authorised.

· Carry out minor tool maintenance as directed by SOC lead engineer.

· Support the lead engineer for rules/policy/filters/use cases on SOC tooling.

· Research causes and effects of incidents and exceptions. Provide solutions to procedural failures and improvements to working practices.

· Mentoring - Improve inter team development through mentoring, knowledge sharing, briefing and production of guides and incident scenarios. Show flexibility in developing knowledge of supporting areas and performing their responsibilities during times of operational needs.

· TCP/IP Fundamentals

· ITIL Fundamentals (or equivalent)

· CompTIA Security (or equivalent)

· CompTIA Network (or equivalent)

· Wireshark Packet Analysis

· SIEM Administrator/Analyst

· SANS SEC401: Security Essentials (or equivalent)

· SANS SEC503: Intrusion Detection in-depth (or equivalent)

· SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (or equivalent)

· CCENT

· Ethical Hacker (CEH)

· Cisco Certified Network Associate CCNA

· FIAHMG - Fundamentals of Information Assurance in HMG (leading to CCP)

· CREST (Registered Intrusion Analyst) (CRIA)

· SANS SEC501: Advanced Security Essentials

Call the TARCG office on oo441392241335. or click the link below and apply for this position today!

TARCG is acting as an Employment Business in relation to this vacancy.

By applying to this advert, you give consent to TARCG holding & processing your personal data for the purpose of work-finding services.