SOC L2 Analyst responsible for security monitoring and incident investigation. Analyzing escalated alerts, conducting correlation with SIEM, and executing response actions.
About the role
- Leading the Security Operations Team at interactive investor to monitor and respond to security incidents. Ensuring robust security measures to safeguard vital business assets and client investments.
Responsibilities
- Lead the internal ii Security Operations Team (SecOps) in day-to-day activities overseeing the management, strategy, and direction of our SIEM solution, EDR solutions and security incident management.
- Monitor the security landscape, collate reports, evaluate trends and threats against our security posture, and coordinate remediation where required
- Management of our external Security Operations Centre (SOC) and oversight of our SIEM solution.
- Responsible for the security incident process owning incident response, investigations, and lessons learnt.
- Analyse security systems / reports to identify trends and drive secure behaviours throughout the business.
- Lead on a threat intelligence, detection, and response programme of work.
- Lead the SecOps team on proactively identifying, Investigating, and hunting potential attacks and security risks on networks and systems using various platform dashboards and threat feeds.
- Lead the team on analysis of security events as detected by security controls.
- Management of Endpoint Detection and Response (EDR) - overall ownership and maintenance of agents, creation of exception rules, and reacting to alerts.
- Play a lead role in coordinating and directing team efforts during incidents and ensuring prompt escalation
Requirements
- 5 + years in a cyber security role.
- Degree in IT / Cyber preferred or industry recognised qualification.
- 5+ years Knowledge and use of SIEM tooling i.e. Google Chronicle etc.
- Ability to lead a SecOp’s team and follow a defined strategy.
- A deep understanding of technical and network security requirements.
- Strong analytical and troubleshooting skills
- Ability to proactively identify control weakness and vulnerabilities
- Ability to decipher different types of malware and a knowledge of how to deal with it.
- Knowledge and use of SIEM tooling i.e. Google Chronicle.
- Experience in using the MITRE ATT&CK Framework to understand adversary actions and resulting mitigation techniques.
- Excellent attention to detail.
- Ability to remain calm under pressure and clearly communicate to all levels of management.
- Experience in understanding Firewalls and IDS/IPS and Windows Security Event Logs.
- Strong verbal and written communication skills with the ability to articulate complex ideas in easy to comprehend business terms
- Ability to quickly understand existing infrastructure, network security principles, data flow and security architectures.
- Knowledge of the fundamentals of cloud infrastructure as well as traditional technologies.
Benefits
- Group Personal Pension Plan – 8% employer contribution and 4% employee contribution
- Life Assurance and Group Income Protection
- Private Medical Insurance – Provided by Bupa
- 25 Days Annual Leave, plus bank holidays
- Staff Discounts on our investment products
- Personal & Well-being Fund – Supporting your physical and mental wellness
- Retail Discounts – Savings at a wide range of high street and online retailers
- Voluntary Flexible Benefits – Tailor your benefits to suit your lifestyle
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Cyber Security Specialist protecting digital estate from threats at the University of Edinburgh. Focused on identifying and mitigating cyber risks while supporting teaching and research services.
Lead Specialist in Security Operations, enhancing detection engineering and incident response at Pearson. Collaborate with teams and drive process improvements in a high - paced environment.
Cybersecurity Incident Response Analyst detecting and responding to cyber threats at NOV. Collaborating using AI tools to enhance cybersecurity operations across IT, cloud, and OT environments.
Security Engineer II at AvidXchange enhancing security operations and incident response. Collaborating with teams to develop, tune and improve security monitoring and automation capabilities.
Director leading security operations strategy and overseeing investigations at Ford Motor Company. Responsible for global investigations, crisis management, and team leadership.
Cloud Security Engineer at Artemys designing and maintaining secure Azure infrastructures, overseeing security monitoring and incident management.
Lead global Cyber Detect and Respond team at Assa Abloy, ensuring timely incident response and security compliance. Oversee operations while collaborating across IT and business functions for effective threat management.
Lead Cybersecurity Analyst responsible for technical leadership of a 24x7 SOC team at AT&T. Drive operational standards, incident response, and continuous improvement initiatives.
Security Engineer safeguarding AWS environments for Genesys Cloud mission. Handling advanced threats and collaborating with SecDev, PenTest, DevOps, and SRE teams.