SOC Analyst

Job Description

Civica develops software for local and national government, education, health and care. Over 5,000 public bodies across the globe use our software to help deliver critical services to over 100 million citizens. Our aspiration is to be a GovTech champion everywhere we work around the globe, supporting the needs of citizens and those that serve them every day. Building on 21 years of continuous growth and success, were at a pivotal point on our journey to realise that aspiration. As a company, we re passionate about what we do and the citizens we help to serve. If you too would like to help champion the use of technology in public services, to improve outcomes for citizens and public sector organisations, then Civica is the right place for you. We will help you unlock the best version of yourself, achieve growth in your career whilst making a real difference to people and communities. Why will you love this opportunity as Security Operations Centre (SOC) at Civica As a vital member of our dynamic Security Operations Centre (SOC) team, comprising Analysts, Engineers, and a SOC Manager, youll take the lead in monitoring our SIEM and various security systems to safeguard both CIVICA Group and our valued customers. Your keen eye will assess real-time and historical logs across multiple technologies, helping to uncover potential attack patterns, instances of compromise, and security vulnerabilities. Working closely with your team, youll swiftly determine the most effective response to security events and incidents, while meticulously documenting every step taken to contain and resolve the issues. Youll also manage internal customer requests, particularly in relation to phishing, spam, and Anti-virus challenges. Additionally, youll evaluate risks using a Surface Attack Tool, develop and utilize OSINT tools to gather open-source intelligence from various published sources, and collaborate with different business units to inform, mitigate, or remediate any issues. In this role, youll be in charge of supervising Microsoft Sentinel and Microsoft Defender systems, while also managing other technologies as needed, including IPS, Email Gateways, Web Filtering services, and Antivirus solutions. You ll be on the lookout for patterns of misuse or recurring issues, working together with the team to contain, control, and resolve any incidents. Plus, you ll have the chance to identify opportunities for improvement in our personnel, processes, or technology to enhance the teams overall effectiveness. A deep understanding of security principles Use of Microsoft Sentinel and/or Defender Minimum 3 years experience working in IT, with at least 1 year in a security-based role. Any recognised certific