SOC Analyst

Role Summary

The Cyber Security Engineer is
responsible for supporting NIST CSF / NIST 800 assessments, triaging
penetration test findings, and driving remediation activities across
application, infrastructure, network security, and monitoring platforms.

The role is hands -on and delivery
focused, working closely with architects, platform owners, SOC, and
infrastructure/application teams to translate security findings into actionable
fixes, validate control effectiveness, and support audit‑ready evidence for
regulated/government environments.

Key Responsibilities

NIST Assessment Support (CSF / NIST 800
Series)

• Support
  NIST CSF / NIST 800‑53 / 800‑61 / 800‑92 assessments through:
  

• Control
  evidence collection
  
• Gap
  analysis support
  
• Mapping
  tooling controls to NIST requirements
  

• Assist
  architects and governance teams in preparing:
  

• Control
  implementation summaries
  
• Tool
  capability mapping
  
• Evidence
  packs for audits and client reviews
  

• Track
  and manage security gaps, risks, and remediation actions in line with
  agreed timelines
  
• Support
  continuous improvement initiatives driven by assessment outcomes
  

Penetration Test Findings &
Remediation

• Triage
  and analyse application, infrastructure, and network penetration test
  findings
  
• Work
  with platform and application teams to:
  

• Validate
  findings (true positive vs false positive)
  
• Prioritise
  remediation based on risk and exploitability
  

• Execute
  or support remediation actions such as:
  

• Configuration
  hardening
  
• Policy
  tuning
  
• Control
  enablement or enhancement
  

• Track
  remediation status and provide clear closure evidence for governance and
  audit forums
  

Hands‑on engineering support across:

• Endpoint
  & Infrastructure Security
  
• Vulnerability
  & Exposure Management
  
• Activities
  include:
  

• Policy
  tuning and baseline hardening
  
• Coverage
  and health checks
  
• Supporting
  remediation of vulnerabilities and misconfigurations
  
• Validating
  fixes post‑remediation
  

Support security controls across:

• Cisco
  security platforms
  
• Imperva
  
• Microsoft
  GSA / related network security controls
  

Responsibilities include:

• Supporting
  firewall / network security rule reviews and clean‑ups
  
• Assisting
  with remediation of network‑related pen test findings
  
• Supporting
  change validation and post‑implementation checks
  
• Working
  with network teams to ensure security controls align with NIST and secure‑by‑design
  principles
  

• Support
  SIEM and monitoring platforms:
  

• Splunk
  
• Microsoft
  Sentinel
  

• Assist
  with:
  

• Log source onboarding validation
  
• Detection coverage checks related to NIST and
  pen test scenarios
  
• Validation that remediated controls generate
  expected telemetry
  

• Support
  SOC teams with investigation data where required
  

• Maintain
  accurate documentation for:
  

• Remediation
  actions
  
• Control
  changes
  
• Evidence
  required for audits and MSSR / governance reviews
  

• Participate
  in:
  

• Incident and problem reviews (P1 / P2 support)
  
• Root cause analysis where control gaps are
  identified
  

• Follow
  structured change and release processes (CAB, validation, rollback awareness)
  

Skills &
Experience

• 5 years experience in security engineering / SecOps / blue team
  roles
  
• Exposure to NIST CSF or NIST 800 frameworks
  
• Hands‑on experience supporting remediation across:
  

• Endpoint / infrastructure
  security tools
  
• Vulnerability management
  platforms
  
• Network security controls
  

• Experience working with penetration test reports and remediation
  tracking
  
• Familiarity with SIEM platforms (Splunk and/or Sentinel)
  
• Strong documentation and evidence‑driven mindset (audit readiness)