SOC Engineer

Job Description

Member of a critical role in our cyber security function to ensure enterprise and client data is secure and private. You will help provide 24x7 monitoring for the organization by acting as the first line of defence against potentially malicious events. Support the Security Operations Centre with enhancing SOC tools including design/improvement of working practices and incident responses. Threat Hunting - Analyses security system logs, security tools, and available data sources on a day-to-day basis to identify attacks against the enterprise and report on any irregularities, or issues related to improper access patterns, trending, and event correlations and make suggestions for detection rules and system tuning. Performs research into emerging threat sources and develops threat profiles. Keep updated on the latest cybersecurity threats. Has a sound understanding of SIEM, PAM, CASB, EDR, other threat detection platforms, and Incident Response tools. Develops and executes crisis communication plan for CXO and other stakeholders. Measures SOC performance metrics and communicates the value of security operations to business leaders. Requirements Requirements GCTI, GCDA certification Security Incident Response and Handling techniques Log management and filtering solutions Windows Server based systems including DNS, DHCP, IIS, NPS, RDS, DFS, Hyper-V Cloud platforms (i.e. Azure / AWS) VMware and similar virtualisation technologies Virtualization principles technologies PKI Networking principles Working knowledge of compliance standards such as ISO27001, PCI-DSS Cyber Essentials Plus SIEM Tools Nessus or other Vulnerability management tool Security principles and operations Firewall, IDS/IPS configuration Email and Web filtering services and configuration Preferred Qualification BachelorDegree in computer science with minimum of 7 years related experience. Experience of working in or with a Security Operations Centre and managing security issues and incidents. Benefits