SOC Analyst

Reports to: Operations Centre Team Lead

Job Purpose: As a member of a team of a team of Security Analysts and Network and Security Engineers within ITC’s Security Operations Centre (SOC) you will provide security analysis of customer security events, monitor and investigate incidents in customer environments with a focus on security event management, vulnerability management, behavioural analytics and MDR for a portfolio of blue-chip and mid-market customers.        

Key Interfaces: Operation Centre Team Leads, Customer Security teams, Head of SOC, Service Delivery Managers, Project Engineers, SOC Analysts, Network Security Engineers and Vendors.

The Role will Involve:

• Analysis and investigation of alerts arising from Security Event and Information Management tools


• Analysis, investigation and refinement of alerts and reports arising from Network Behaviour Analytics tools


• Vulnerability Scanning and reporting. Prioritising and tracking remediation of vulnerabilities


• Utilising Intrusion Prevention solutions to monitor and alert on potential breaches


• Using packet-capture tools, analyse packet flows and utilise network-based User Behaviour Analytics to understand breaches and track propagation of malware


• Using Threat Intelligence Services to identify potential new threats and develop new mitigations


• Working with customer security teams to detect, contain and eradicate threats


• Understanding of security assessment and penetration testing tools             


• Undertaking other duties from time to time as required

We are Looking for Someone With:

• The following certifications:
  
  
  
  • COMPTIA Security+ (essential)
  
  
  • Microsoft SC-200 (desirable)
  
  
  • Microsoft AZ-500 (desirable)
  
  
  
  


• Exposure working with a previous managed security provider or within an MSSP environment (desirable)


• The ability to communicate fluently and confidently to a high standard in both written and verbal English (essential)


• Experience using ITSM tools (desirable)


• Knowledge and understanding of the phases in incident response and Cyber Kill Chain (desirable)


• Experience in two or more of the following areas (essential)
  
  
  
  • SIEM: Sentinel, other.
  
  
  • Vulnerability and patch management
  
  
  • Behaviour Analytics: DarkTrace, IronNet
  
  
  • MDR/EDR
  
  
  
  


• Has a passion for learning to better themselves and their department


• Has the desire to translate their skills into ways that can improve the function of the Operations Centre


• Enjoys research into emerging threats in the security landscape and identifying and analysing real-world threats


• Works collaboratively, shares information, improves documentation and trains colleagues

Working Hours: Our SOC operates 24/7/365. This role follows a dedicated shift pattern (12 hours shifts - 7-7).

Working Location: Hybrid working pattern, candidates will need to spend 1-2 days per month in our London, Canary Wharf office.

Benefits:          

• 24 shifts annual leave.


• Pension scheme.


• Private health insurance.


• Enhanced maternity and paternity leave.


• Death-in-service life cover.


• Shopping discounts.


• Cycle to work scheme.


• Season ticket/gym loans.


• Online wellbeing centre.


• And more!

This job description is intended to convey information essential to understanding the scope of the role and it is not intended to be an exhaustive list of skills, efforts, duties, responsibilities or working conditions associated with the position.