Security Analyst Team lead
|Job Title:||Security Analyst Team lead|
|Contact Name:||Nick Haaker|
|Job Published:||December 19, 2017 16:43|
Your technical expertise as a senior security analyst and experience in the Cyber Security domain would make you an immediate positive asset to my client.
I am currently looking for an experienced senior security analyst/ team lead to manage the SOC and oversee the application of analytic and technical skills to achieve the effective monitoring of network security resources whilst also managing a small team of 3 people (with plans to grow and expand this team). You'll work amongst cutting-edge technology that gives you the opportunity to make a real difference and contribute to the future of engineering excellence
You will be given an excellent benefits package including:
Competitive salary + 12% pension, bonus, healthcare and other great benefits
This company is a leading technology and service innovator, working mainly across Aerospace and Defence sectors; covering Air, Land, Maritime and Space. They deliver outsourced aviation and military related services to customers worldwide and provide communication & critical control solutions to increase safety and capability.
Below are some further details on the role. At the bottom of the page is where you can apply.
The Senior Security Analyst/Team Lead leads and manages the Security Operation Center (SOC). Oversees the application of analytic and technical skills to achieve the monitoring of network security resources. Oversees the investigation and resolution of security incidents and the identification of malicious activity. Supervises and ensures the coordination of incident response.
Reports to: SVP Information and Assurance
Role:Security Analyst Team Lead (SOC)
Location:Bournemouth/ Marlow (would need to spend 2 days in Bournemouth)
Salary:competitive base, 12% pension and bonus
The Senior Security Analyst/Team Lead will lead, manage, and oversee the conduct of advanced network threat detection and analysis of security events identified by SIEM engines, signatures triggered by IPS/IDS, firewalls, syslogs, and endpoint security solutions, and/or escalated via ticket. They will oversee SOC analysts monitoring and parsing security data and netflow feeds, including inspection of correlated events and packet captures. They will supervise the integration of threat intelligence into the corporate network platform by SOC personnel. They will ensure the development, enhancement and implementation of detection and response capabilities, including creation of robust SIEM content, IDS rules, SOP documentation, and creation of incident response methodologies. This individual will be a key part of driving research and product development to help recommend new security tools to improve the current environment and will be expected to work in close coordination with the IT Services team. They will be expected to be able to communicate effectively, evenly, and intelligently via phone, email or ticket updates. And will b expected to remain an SME on cyber security issues through research of industry trends.
*Leads, manages, guides and oversees the SOC personnel review and correlation of intrusion detection and prevention event activities including:
oDetecting and blocking malicious network traffic
oSignature and correlation tuning
oFalse positive reduction
oTCP/IP analysis and manipulations
oDetecting and defeating counter-evasion strategies
oDetecting and eliminating various attack vectors
oEnacting email security techniques
oEngaging data recovery techniques
oConducting analysis of Timestamp & File system
oParsing of logs and log correlation
*Leads manages, guides and oversees SOC personnel, ensuring the determination of the cause, purpose and/or outcome of security events, and resolve activity events
*Supervise the conduct of network and operating system forensics
*Leads, manages, and guides SOC personnel,
*Technical expertise in Information and Network Security including:
*Administration of Carbon Black Endpoints, LogRhythm SEIM management, and Nexpose
*Certification in Ethical hacking.
*Understanding and command of the fundamentals of network routing, TCP/IP and Network Security and associated certification in in Security Management principles.
*2+ years of SOC or MSSP experience with at least 1 year in an in-depth technical role
*2+ years of SIEM experience - with knowledge of content creation (rules, alerts, etc.)
*Strong analytical and investigation skills
*Ability to communicate IT, networking, and security concepts to personnel at all levels of experience and responsibility
*Experience with automated incident response tools (Sysmon, Carbon Black, etc.), packet capture and analysis (tcpdump/windump, Wireshark, etc.) and host and network forensics
*Strong background with in-depth analysis of security events and the ability to triage security events
*Strong understanding of security architectures and devices, threat intelligence consumption and management, malware infections and proactive mitigation, data exfiltration techniques
*Track record of creative problem solving, and the desire to create and build new processes
*Strong time management and multitasking skills as well as attention to detail
*Experience working in fast paced environments, and ability manage workload even during times of stress or escalated activity
*Excellent oral and written communications skills
Electus Recruitment Solutions provides specialist engineering and technical recruitment solutions to a number of high technology industries.
Due to the nature of work undertaken at our client's site you will also be required to undergo security clearance vetting, if not already security cleared to a minimum SC level.
This is a Permanent position
Electus Recruitment Ltd is acting as an Employment Agency in relation to this vacancy.
Get similar jobs like these by email
By submitting your details you agree to our T&C's
DV Cleared Threat/Intelligence Analyst Team Lead
£40000 - £45000 per annum
Senior IT Security Engineer
Team Leader - Systems Engineer
Lead Solutions Architect (Development)