Salary: £44.5k - £49.5k
25 days' holiday
We are currently recruiting for a Level 2 SOC Analyst to join one of the world’s leading travel groups, based in their office in London. You will be joining a well-established industry where career progression is always available, along with the chance to develop your knowledge.
Job purpose: Support the management and ownership of security services and operations within my client.
Some travel may be required, and out-of-hours working to cover incidents and on-call duty may also be required.
Key accountabilities and decision ownership:
- Analyse information and intelligence relevant to threats facing the systems, infrastructure, and critical resources to our environment
- As a member of the SOC team, conduct research and assessments of security events; provide analysis of events produced by firewalls, IDS, anti-virus, proxies and other network sensors; present findings as input to CSIRT
- Use SIEM and security tools to monitor the security posture of the IT estate and identify anomalous activity and behaviours.
- Maintain proper documentation and review/modify existing documentation.
- Strong knowledge of security principles and network concepts (operating systems, TCP/IP, HTTP, DNS, ports, SSL/TLS, IPS/IDS, VPN, MPLS, etc.)
- Understanding of Incident Handling/Response, Forensics/Malware Analysis, Malware/Anti-malware techniques, Threat Hunting, exploits, attack vectors and defensive / preventative measures
- Proven experience of SIEM tools such as QRadar or similar, for analysing logs, network traffic and security incidents
- Basic understanding of security architecture, including encryption and encoding, network file sharing, web server operations, load balancers, and their security implications
- Ability to work under pressure, managing multiple priorities in a rapidly changing and dynamic environment
- Previous security operations centre (SOC) experience is desired
- Understanding of ITIL: incident management, change management, and problem management processes.
• University degree level education or equivalent work experience
• CSA+, CEH, CCNA Security, Security+, GCIA or other equivalent certification