Security Analyst- Tier 1

We are Kocho 

Kocho recognise that technology on its own does not deliver change and offers technology adoption services alongside excellent technical consulting to enable our clients to achieve their business goals on their journey to Become Greater.

Our head office is in the heart of London’s West End and provides a comfortable working environment with flexible collaboration spaces that encourage our people to Become Greater with the aim to Do What’s Right.

In 2022 we be opened new offices in Cardiff and Cape Town which follow the style of our London space. Kocho is an equal opportunities employer. We make recruitment decisions based on qualifications, skill set and experiences. We consider all suitable candidates regardless of their age, sex, gender reassignment, race, religious beliefs, or lack thereof, marital status, disability or sexual orientation or any other protected characteristic. This is mindset aligns with our company values as we understand that we are Better Together.

Here is the role: 

To monitor, detect, investigate, analyse, escalate and respond to security incidents and events in a timely manner within the Security Operation Center environment. 

This is what we need from you: 

• Monitor security events and alerts generated by various security tools such as Microsoft Sentinel and Defender 

• Good understanding of cloud services, ideally Microsoft Azure 

• Experience
  using Microsoft Sentinel and KQL to conduct analysis of a wide range of security alerts 

• Respond to security incidents and conduct incident investigations, identifying the root cause of the incident 

• Escalate high severity incidents in a timely manner to satisfy Service Level Agreements 

• Collaborate with Engineers within the organisation to develop and implement security controls and solutions to mitigate risks and threats 

• Provide technical support to other teams within Kocho and for our clients to resolve security-related issues 

• Possess strong written and verbal communication skills to clearly communicate with clients 

• Keep up-to-date with the latest security technologies, tools, and techniques to improve security posture 

• Produce reports on security incidents, threat intelligence, and security risks to senior management and clients 

• Take part in ad-hoc shifts based on various clients’ requirements 
  

Would be great if you have: 

• Additional experience in other SIEM tooling 

• Good understanding of Security best practice 

• Experience fine-tuning alerts in Sentinel and Defender 

• Experience in Phishing Analysis 

• Excellent analytical, problem-solving, and communication skills as well as ability to work under pressure 

• Ability to quickly develop new skills and adapt to the ever-changing threat landscape 

• Solid understanding of Confidentiality, Integrity and Availability (CIA) triad 

• Familiarity with the Linux terminal and Linux file system hierarchy 

• Microsoft SC-200, Microsoft SC-900, Blue Team Level 1 or equivalent certification would be beneficial