Security Operations Centre (SOC) Analyst

The Security Operations Centre (SOC) sits within the IT Security department and reduces the impact of cyber security incidents against the Bank’s infrastructure by monitoring key security and business systems for anomalous behaviour. It provides containment, eradication and remediation recommendations to business and system owners.
This is an exciting opportunity for a strong, experienced security analyst to join a team using leading, cutting-edge security products to protect the Bank’s information assets from cyber threats. It is a real opportunity to bring your experience and expertise to an agile, fast-moving team supporting a highly prestigious organisation that faces a unique and determined threat landscape.

Role Description

You will help to reduce the impact of cyber security incidents against the Bank’s infrastructure by using a range of leading-edge IT security tools to monitor key security and business systems for anomalous behaviour. You will act as Incident Handler for any detected incidents and work with other teams to provide containment, eradication and remediation recommendations to business and system owners.
You will work to constantly evolve the services the SOC provides, helping to integrate the latest techniques for detecting cyber threats, tuning security detection capabilities, and ensuring that more junior team members continually develop their skills against the latest best practice.
As we are looking for an experienced individual for this role, you will be able to demonstrate well-honed detection and analytical skills with a proven ability to identify and mitigate advanced, targeted cyber threats.
You will be working alongside a range of other teams, including Malware and Forensics specialists, IT Infrastructure and Operations teams and external third-party cyber defence organisations. You will be expected to have a solid knowledge of their duties and how they fit within an effective Security Incident Handling workflow.
You will have a proven ability to act as technical lead of an operations shift and, in doing so, to support, mentor and develop more junior members of the team so that they build their skills and techniques.

Job Requirements

Essential:
• Advanced knowledge of current and emerging threats and attack techniques;
• Expertise in the field of advanced threat detection utilising log, network and host based toolsets. The ability to tune and evolve such capabilities in line with new attack techniques;
• Proven experience in Incident Handling of major, high-impact incidents, with the ability to generate clear, concise recommendations and to coordinate activities and professional communications across a range of internal and external stakeholders, often under significant pressure;
• Solid understanding of the tools and techniques used by Incident Response teams in order to further analyse the impact and exposure to cyber threats. Ability to work alongside and assist such teams in their duties;
• Experience of creating, maintaining and developing operational procedures to better analyse, escalate, and assist in remediation of critical information security incidents;
• Experience in a related security position;
• Experience of maintaining a secure network through configuring and managing typical security enforcing devices, such as firewalls, proxies, IDS/IPS devices and McAfee ePO;
• Knowledge of Snort and other common detection signature languages;
• In-depth experience of other common network devices, such as routers, switches and hubs, and of troubleshooting Windows environments;
• Attention to detail and great organisational skills;
• Experience of using SIEM tools such as RSA enVision, ArcSight, LogLogic, Q1 Labs QRadar and Symantec Endpoint Protection;
• Experience of full packet capture tools, e.g. Wireshark, Niksun and RSA NetWitness, to monitor network activity for threats.

Desirable:
• Experience of working in commercial and/or Defence Information Security Operations environments;
• A graduate or equivalent in IT or a related science subject;
• Qualifications within the IT Security field, e.g. GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP);
• Prepared to undergo SC (Security Check) and DV (Developed Vetting) clearance;
• Ability to lead internal and external technical meetings and influence customer activities;
• Exposure to IT service management best practices such as ITIL;
• Software engineering, programming or scripting knowledge, e.g. Perl, Java, .NET;
• An understanding of Information Assurance policy and best practice relating to controls that manage the risks around the confidentiality, integrity and availability of information.