SOC Analyst (Senior level)

Location: Stevenage (shift pattern - detailed below)

Duration: 6 month initial contract

Rate for Senior-Level: 85ph UMB (Inside IR35)

Hours: 28 hours per week.

Role details:

Our client, a leading defence company, are looking to bring in multiple SOC Analysts due to an increase in demand. We are looking for both mid-level and senior engineers. The role will support the cyber security operations centre (SOC), assisting with vital threat detection and analysis in a constantly evolving cyber environment. This contract position offers an exciting opportunity to work within one of the most dynamic fields in defence.

The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC.

It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies.

• Effective Tier 1 to 2 alert triage of security events
• Monitoring of Cyber Security tools
• Monitoring the SOC email notification mailboxes
• Assists with the maintenance of MBDA Security technologies
• Assisting the SOC Solutions Lead with project activity
• Assist proactive threat hunting in collaboration with the CTI function
• Assist IR in HR and InfoSec related investigations
• Ensure the timely triage and remediation of any incident or request tickets raised to the SOC
• Participate in the activity of adding/removing URLs from the AcceptList and BlockList
• Attend routine security meetings
• Conduct activities in line with SOC Maturity and continuous improvement

• Experience in Cyber Security with a focus on Network Security, Infrastructure and Operating Systems & Applications
• Knowledge of IT Security standard methodologies
• Understanding of the OSI Reference Model and network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S
• Experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools
• Hands-on experience with IDS/IPS technologies and threat hunting activities
• Strong analytical skills and a keen mindset
• Experience within Defensive Cyber-attack methodologies and frameworks
• Understanding of Malware capabilities, attack vectors, propagation and impact
• Good communication skills for liaising with business units and suppliers

• Root cause analysis and leadership in T2 incident investigations
• Process / Playbook / Runbook development
• Working knowledge of detection engineering, false positive improvements
• Capability to tune SIEM rules or create custom detections
• Scripted automation experience e.g. Python, SOAR, PowerShell
• Threat modelling and hunting methodologies

Additional information:

• These roles are fully site based in Stevenage
• Shift Pattern: Blocks on 4-5 days on, and 4-5 das off with either early, lates or nights across the shift blocks (rotating pattern). 2 weekend per 28 days will also be required
• These roles are 28 hours per week
• SC will be required prior to starting the role, with a view of applying candidates for DV clearance (bonus if you already hold this!)

If you have the required experience and skills and are looking for a challenging role in the Defence & Security sector, we encourage you to apply now!