SOC Analyst - London
£40,000 - £55,000 depending on experience.
Remote working initially but a few days per week ideally in the London office (Mayfair) when things get back to normal.
You will be joining a small, friendly, specialist team who work as in the SOC managing a range of different financial services customers.
We're ideally looking for a mid-range level of experience, you will need to work self sufficiently with minimal guidance after the initial bedding in period, especially as the team is working remotely at the moment.
You will be an incident responder but will also deal with some monitoring, management and configuration of security tools as needed.
Our client looks after the entire service stack themselves and build a lot of their own tools and platforms.
The focus is on the analytics side of things more than the offensive security (i.e. pen testing). Specifically, they like people who have done a bit of work in smaller organisations rather than a Security Analyst role in a large corporate. If you have some end-to-end involvement i.e. have actually setup and maintained some security systems, that would be great.
Ideal type of experiences:
- Log analytics, RAW logs event better
- IDS/IPS, specifically managing and tuning rules
- Windows event management
- Incident response, handling and engaging with relevant parties
- Bit of programming helps, Python mainly, but also PowerShell
- Any form of incident reporting / presentation / awareness materials that they had to produce.
- Vulnerability scanning is helpful.
Tech wise:
- Snort, Suricata, Elastic, (any SIEM tool is useful, Splunk, AlienVault (AT&T Cybersecurity), etc.), SQL, Cisco, OpenVPN, Kali Linux, Windows, Linux (CentOS), VMWare
- Some database / data manipulation exposure
- OpenSource / GitHub
If you are able to help with this sort of hands on role we'd really like to hear from you.