Job Descriptions:
Work on-site in client premises SOC 24/7 operation which consists of 4 shift teams.
Provide security expertise to escalated Security incidents.
Act as the Incident Handler for security incidents.
Technical escalation point for the SOC.
In-depth SIEM administration and configuration.
Fully utilize threat intelligence capabilities for proactive threat hunting.
Follow agreed security best practices and SOC Processes.
Assisting in the development of incident response procedures and playbooks.
Keep up to date on security developments and news and develop team security knowledge.
Be responsible for updating our ISMS (policy, procedures, standards, guidance).
Manages critical business assets inventory and cyber security risk register.
Works with Security Engineer, Security Architect and SecOps team to support risk assessments for IT services.
Develops and implements security training & education for IT and wider business teams.
Manages 3rd party security relationships and conducts supplier risk assessments, flags concerns, logs risks and remediations.
Conducts internal pen testing and manages external pen tests and vulnerability scanning.
Working with development teams for code analysis and pen testing.
Creates phishing campaigns specific to the current climate and business.
Supports incident investigations.
Understanding of security threats, attack scenarios, intrusion detection and incident management.
Strong facilitation and negotiation skills.
Ability to deal with ambiguity and to keep a cool head when dealing with crisis or stressful situations and strong analytical skills.
Good understanding of ISO 27001, Cyber Essentials/Essentials Plus, GDPR and other information security-related regulatory and compliance standards.
Hands-on experience of pen testing and using various tools, log carving and log investigation.
Experience with building threat-based Use Cases using frameworks such as MITRE ATT&CK.
Cloud computing concepts and service models IaaS/ PaaS/ SaaS.
Authentication concepts (Windows, AAD, Managed Identity).
PowerShell, Kali Linux, Web Application Security (OWASP).
Vulnerability testing tools (Nessus).