Senior Information Security Analyst - SOC

15 Apr 2018
18 Apr 2018
In a nutshell
As part of the Security Operations Centre (SOC), provide incident detection and response capabilities.

What I need to do
- End-to-end management of cyber security incidents.
- Identify and respond to IOCs at all stages of the cyber kill chain.
- Support the creation of security-related management reports, including KPIs, on both an ad-hoc and regular basis.
- Experience of creating dashboards.
- Experience of creating advanced searches and reports.
- Experience of on-boarding logs into SIEM tools.
- Mentor junior security team members.
- Manage multiple relationships with senior business stakeholders.
- When required, provide analysis on investigations.
- Create scripts to automate repeatable security tasks, including in PowerShell, Python and Search Processing Language (SPL).
- Ensure maximum value from security vendors.
- Out-of-hours work may be required when dealing with incidents.
- This role includes a mandatory rotational on-call responsibility.
- Detailed understanding of Splunk cloud and on-prem architecture.

How I will succeed
- Delivery of a professional Information Security service to customers.
- Successful handling of security events and incidents.
- Compliance with Sainsbury's Information Security Standards.
- Recognition as an Information Security professional.
- Continuous personal development.
- Keeping up to date with the latest industry knowledge and trends.
- Excellent feedback from customers.
- Talkback 360-degree feedback from colleagues.

What I need to know
- Experience working in a SOC environment - Essential.
- Professional security qualification (current CISSP or CISM preferred) - Desirable.
- Professional security qualification such as CREST or GIAC - Essential.
- Knowledge of Windows and Linux OS - Essential.
- Knowledge of endpoint protection technologies, Splunk, CyberArk, Office 365 and Active Directory.
- Understanding of attack vectors, exploits, and hacking tools and techniques.
- Understanding of the OWASP Top 10 application vulnerabilities.

What I need to show
- A passion for computing and Information Security.
- Experience in an Information Security environment.

Resources available to me
- Dedicated SOC environment.
- SIEM tool.
- Network security analytics tools.
- Security application tools.
- Cloud security tools.
- Network and infrastructure support.
- The Information Security team.
- Proactive management team.

What decisions I can make
- Event and incident management.
- Task activities.
- Continuous improvement.
- Development requirements.

Provided by Dice.