Security Ops Tier 2
My client, an exciting company that has experienced a massive amount of growth recently, is expanding its Security Operations Team.
If you have at least 3 years working in a SOC and feel like you are ready to make the next step, then this could be the role for you!
Work with alerts from the Tier 1 SOC Analysts, to perform in-depth analysis and triage of network security threat activity based on computer and media forensics, malicious code analysis, and protocol analysis.
Assist with the development of incident response plans, workflows, and Standard Operating Procedures.
Monitoring and management of SIEM infrastructure.
Review and fine-tune false-positive incidents.
Provide feedback and automate common recurring tasks.
Develop and implement detection use cases.
Leverage emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of an attack.
Troubleshoot scripts used for internal processes.
Review vulnerability scans and send vulnerability assessment reports.
Proactively conduct research of client network traffic and system activity looking for security anomalies and suspicious activities.
Perform Advanced Persistent Threat correlation between multiple security event sources such as firewall logs, threat intelligence feeds, AV, IDS, IPS, and EDR solutions.
Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the ability to deliver high performance and high levels of customer satisfaction in a matrix managed environment.
Experience with SIEM technology, preferably IBM QRadar
Knowledge of devices such as firewalls, IPS/IDS, and routers/switches
Security certifications (CISSP, CISM, GIAC certs) preferred
ITIL V3 certified
2+ years of experience working in Security Operations Centre with a Security Incident & Event Management (SIEM) to correlate events across several devices.
Strong understanding of network devices such as Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS), firewalls, network packet capture tools, and file integrity monitoring tools.
Proficient knowledge in incident prevention, detection and response tools
Knowledge of network and server security products, technologies, and protocols
Requires a background in at least 2 of the following domains: hacking and incident response; network forensics; security engineering; security analysis and investigations.
For more information, contact Peter Raine at Reperio Human Capital on (phone number removed).
Reperio Human Capital acts as an Employment Agency and an Employment Business