Warning This job advert has expired and applications have closed.

SOC Analyst Level 2

Job details
Posting date: 23 July 2024
Hours: Full time
Closing date: 22 August 2024
Location: EC2V 7NQ
Remote working: On-site only
Company: Capita plc
Job type: Permanent
Job reference: 10101781-42284

Summary

Home-based role. Help strengthen our team as our Level 2 SOC Analyst.

A great opportunity to join our team as our Level 2 SOC Analyst, responsible for the detection of threats to our internal and external customers' businesses. You will analyse the latest Threat Intelligence to proactively identify areas of potential compromise, tuning systems and processes to alert on issues and assisting with the identification of remediation activities.

As a Level 2 SOC Analyst, you will be responsible for the management, response and/or escalation of security incidents received from Level 1 SOC Analysts.

You will coordinate mitigation, response, and investigation efforts when security incidents arise. You will determine and suggest containment, eradication, and recovery actions to respond and remediate in a timely manner as well as keep monitoring the resolver groups for efficient turnaround times.

You will be guided by Threat Intelligence, which is actionable information (e.g. IOCs/TTPs), and conduct threat hunting activities, leveraging and analysing sources of information available through the SIEM. In addition, you will identify and investigate potentially suspicious activity and help organisations identify, isolate, and contain security issues.

What You'll Be Doing:

-Completion of day-to-day checklist(s), including log review, management report scheduling & running, alert analysis, and escalation follow up activity status.

-Performing advanced event and incident analysis, including baseline establishment and trend analysis.

-Providing timely advice and guidance on the response action plans for events and incidents based on incident type and severity.

-When necessary, and with the CSOC Manager's approval, devising and documenting new procedures.

-Identifying opportunities for CSOC and client system tuning.

-Updating documentation owned by the SOC team including but not limited to Standard Operating Procedures (SOPs) and Operational Level Agreements (OLAs)

-Improving and developing new content based on observed and measured SOC activity.

What we're looking for:

-Proven experience in SOC environment

-Strong experience in MS Sentinel

-Experience/Knowledge of NIST

-Ideally also experience of managing and monitoring EDR platforms.

-Cyber security degree or equivalent experience

-Experience of onboarding, tuning, reporting, and configuring SIEM solutions

-Leadership and mentoring skills

-Always remaining updated on new threats and developing security standards

-Knowledge/experience of one or more programming skills (Python, Ruby, PHP, C, C#, Java, Regex)

-Knowledge/experience of system administration on one or more platforms (Linux, Windows, Mac)

-Self-motivated individual with flexible approach to working.

-Excellent interpersonal skills with the ability to explain technical problems to non-technical business stakeholders at all levels.

-Strong written and oral communication skills

-Active SC clearance or the ability to obtain it

Preferred Qualification:

-SANS Certification

About Capita Technology and Software Solutions (TSS) and CISO

Capita Technology and Software Solutions (TSS) is a newly formed global shared service, responsible for delivering innovation and digital transformation for Capita's businesses and clients. We work collaboratively with Capita's divisions to shape the right digital technology solutions to help clients work differently, engage differently, sell differently and to be resilient to whatever next comes their way.

Within Policy, Governance and CISO our key capabilities are to define, implement and maintain pan-Capita Cyber, Information Security and IT Policies. We define and implement security strategy and provide appropriate governance, assurance, asset management, risk management, privacy and health and safety, to maintain compliance requirements for TSS and the wider group.

What's in it for you?

-Opportunity to learn new skills and progress your career within SOC/cyber security

-23 days' holiday (rising to 27 days with length of service) with the opportunity to buy extra leave

-The opportunity to take a paid day out of the office, volunteering for our charity partners or a cause of your choice

-Access to our Employee Network Groups, which represent every strand of diversity and allow colleagues to connect and learn from each other on an open, inclusive platform

-Company matched pension, a cycle2work scheme, 15 weeks' fully paid maternity, adoption and shared parental leave and plenty more

You'll get the chance to follow your chosen career path anywhere in Capita. You'll be joining a network of experienced, innovative and dedicated individuals across multiple disciplines and sectors. There are countless opportunities to learn new skills and develop in your career, and we'll provide the support you need to do just that.

What we hope you'll do next:

Choose 'Apply now' to fill out our short application, so that we can find out more about you.

To view our Covid-19 and process adjustments information, please visit the Capita Careers site.

We're an equal opportunity employer, which means we'll consider all suitably qualified applicants regardless of gender identity or expression, ethnic origin, nationality, religion or beliefs, age, sexual orientation, disability status or any other protected characteristic.

Proud member of the Disability Confident employer scheme

Disability Confident
A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident.