Job Description

Posted 2 weeks ago

Junior SOC Analyst – Hybrid – 3 days on site – Nottinghamshire

Main Responsibilities: 

– Triage, analyse and investigate alerts, log data and network traffic using  security tools to identify cyber-attacks / security incidents. This includes the investigation and root cause analysis of potential security incidents.

– Proactively investigate potential security breaches by utilising threat intelligence and internal and external security systems and provide subject matter expertise for technical responses to confirmed cyber security incidents.

– Create and maintain the clients target cyber security architecture.

– Deliver subject matter expertise to key stakeholders to drive the implementation of security controls to meet the target architecture.

– Accountable for vulnerability scanning, including the prioritisation of unpatched vulnerabilities and reporting against agreed KPIs and KRIs.

– Support the annual penetration testing schedule by arranging penetration testing, including tracking, and communicating penetration testing results.

– Perform supplementary testing of clients detection and response controls by procuring, installing, and running penetration testing tooling.

– Participate in process improvement work to automate and improve critical cyber security processes such as monitoring, patching, and hardening.

– Develop and maintain process documentation for security architecture, vulnerability management, cyber incident response, and playbooks.

– Provide security representation across multiple geographies, business units and teams to achieve objectives, including engagement with the Information Security Enhancement Office.

Skills, Knowledge and Experience

– Has obtained one or more of the following qualifications: CEH, CRTSA, and OSCP.

– Qualifications such as CISSP and CISM would be advantageous.

– Problem solving skills, and the ability to come up with new solutions to existing challenges.

– Strengths in key ‘soft skill’ areas such as relationship management, communication, and presentation of technical security information to a variety of audiences.

– Technical skills to investigate potential breaches through existing tools, packet capture and log file analysis.

 – A logical mindset, the ability to identify proportionate, appropriate mitigations to identified security incidents, and to prioritise incidents based on risk.

– Capable of working independently/without ongoing supervision on projects and day to day tasks.

Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. 

Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation

We take our obligations to protect your personal data very seriously.  Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website (url removed)