SOC Analyst - QRadar, Crowdstrike, Enterprise Level Company

Job Description

SOC Analyst - QRadar, Crowdstrike sought by leading satellite communication company based in the city of London.**Inside IR35** - 95% Remote, Shift Pattern Below.5 Week Shift Pattern Explained:

• Week 1 - 4 Nightshifts > 3 Rest days
• Week 2 - 3 Days & 3 Nights with 1 Rest day in between
• Week 3 - 3 Rest days > 4 Dayshifts
• Week 4 & 5 - "Bank Week" for shift redundancy - Only 2 shifts are scheduled over a 14day period, with the option for additional shifts should this be required for scheduled/ ad hoc cover.
• Week 6 - Repeats pattern

**Alternative 11am - 7pm Shift also available**Key responsibilities of the position

• Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System. Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity,escalation, and response routing.
• Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes.
• Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall,IDS, anti-virus and other network sensor produced events; present findings as input to SIRT.
• Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability. Follow a documented process for routine scanning of company infrastructure and network elements. Develop mitigation and remediation plans as a result of the vulnerability assessmentfindings.
• Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
• Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform.
• Document information security operations policies, process and procedures.
• The post will require joining a 24/7 shift rota covering daytime, night time, and weekend work (adequate notification will be provided)

QualificationsEssential Knowledge and Skills:

• A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis.
• Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false positives.
• A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous.
• Intermediate knowledge of Information Security fundamentals, technologies, and design principals.
• Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms.
• Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents.
• Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations.
• Willingness to learn new skills and be self-motivated.
• Ability to work in a team environment, to work under pressure and show flexibility.
• Excellent verbal and written communication skills in English.

Please apply within for further details or call on Alex ReederHarvey Nash