What you will be doing:
Inform security ecosystem design decisions across cloud, on-premises, SaaS, PaaS and IaaS environments
Consult on AWS and Azure cloud hosting environments, tooling and best practice
Work closely with Security Architecture to inform new, client-focused security solution design (primarily SOC/SIEM focused)
Perform security reviews and identify gaps in security architecture, resulting in recommendations for improvement.
Engineer, implement, maintain and monitor operational security systems (e.g. SIEM, threat intelligence platforms, malware analysis tools).
Manage continuous improvement to drive quality, completeness, value and maturity of the service.
Conduct research, analysis and correlation across a wide variety of all-source data sets (indications and warnings) to identify tuning opportunities that improve security and service efficiency.
Develop security controls and processes to increase effectiveness, minimize false positives and provide a better experience to customers.
Share knowledge through know-how and intelligence sharing activities within the SOC.
Represent the SOC, when required, in relevant security and technical meetings.
Report on the status of each customer environment (SIEM, incident analysis and recommendations).
Collect and record data in line with SOC reporting requirements.
Report and track log source issues within the respective SIEMs.
Maintain continuous professional development in line with SOC requirements and identified personal development areas.
Coordinate with SOC Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content deny lists) for specialized cyber defense applications.
Perform system administration on specialized cyber defense applications and systems, including installation, configuration, maintenance, backup and restoration.
Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.
Raise changes in line with appropriate change management processes.
Investigate and respond to security incidents in line with the SOC mandate when required to assist the SOC Analysts.
Help inform containment and response techniques for detected security attacks and breaches.
Contribute to root cause analysis and lessons learned following any major incident.
Contact customer teams for information gathering.
Apply rule changes to security tools within the SOC to enhance the service.
Act on behalf of the SOC Lead during periods of absence.
Essential Skills
SIEM experience with Azure Sentinel, Splunk and QRadar (essential)
Demonstrable experience in a security engineering function at a senior level (security incident response, code/malware analysis, strong coding skills, effective SIEM design, setup, configuration and tuning)
Demonstrable experience of designing security solutions with a specific focus on SOC and SIEM technologies
Essential knowledge of AWS and Azure security technologies
Must hold an appropriate professional certification, e.g. CISSP (CISSP-ISSEP, Information Systems Security Engineering Professional, desirable)
Due to the nature and urgency of this post, candidates holding, or who have held, high-level security clearance in the past are most welcome to apply. Please note that successful applicants will be required to be security cleared prior to appointment, which can take a minimum of 10 weeks. LA International is an HMG-approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK, as an IT Consultancy or as an Employment Business and Agency depending upon the precise nature of the work. For security cleared jobs or non-clearance vacancies, LA International welcomes applications from all sections of the community and from people with diverse experience and backgrounds.
Award-winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queen's Award for Enterprise: International Trade, for the second consecutive period.