SOC Engineer
Recruiter
Listed on
Location
Salary/Rate
Salary Notes
Type
Start Date
This job has now expired please search on the home page to find live IT Jobs.
SOC Engineer - Permanent - Essex - DoE- SC / DV or Willing to undergo
The SOC Engineer is part of the IT organisation working in the Security Operations and Networks team. Reporting to the vSNOC manager your role is primarily technical across a variety of fields including computer, network and communications systems for the purposes of Security Operations. You will be a key player across technology groups interfacing with Network, Data Centres and our internal design authority with a remit of driving cyber best practises into our operation.
You will be responsible for the daily maintenance and support of applications and related hardware associated with our solutions for intrusion detection (IDS), Security Incident Event Monitoring (SIEM), and packet capture (PCAP). You will also be a subject matter expert for these tools, providing guidance to our security Operations centre.
Specifically you will be expected to deliver upgrades and manage configuration of technology that underpins cyber operations, this is will include working with and management of external vendors and service partners.
Main Duties:
* Responding to requests from SOC to tune SIEM, IDS and associated tooling in an effective and timely manner.
* Working with threat management teams and liasing directly with Network and DC teams to ensure Network architecture, Security Zone configuration and deployment of sensors and remediation platforms Is optimal and effective.
* Proficiency in use and maintenance of SIEM or Security Toolsets (such as Nexpose, Qradar, Splunk, Tenable, Magnet, Encase, Becrypt, and SANDBox systems).
* Responsible for the maintenance and currency of tooling, ensuring tools are available and being maintained supporting Incident and Vulnerability response.
* Planning, preparing and executing technology change across a rapidly evolving environment.
Essentials:
* You will be a self starter with the ability to prioritise your own workload.
* Experience of working in a SOC environment with proven experience in systems management.
* Ability to obtain and maintain full UK Secret clearance.
* Experienced in working with TCP/IP, Firewalls and network technology (Cisco, Juniper, Microsoft etc).
* Industry qualifications such as CISSP, CCNP, MCSE or CMI Malware Investigations or equivalent.
* Excellent customer facing skills, internally and externally facing with nationals and international agencies.
* ITIL Foundation.
Desirables:
* Experience of creating small utilities or scripting in Powershell, Perl or Python.
* Experience of working in MOD and/or other regulated industries i.e. banking, telecommunications.
* An understanding of designing and implementing secure systems to HMG security requirements.
* Any knowledge of cyber security best practises such as GPG13, NIST 800-53, NIST 800-171, ISO27001 would be advantageous.
RECOMMEND A FRIEND: If you have professional friends/colleagues who would be interested in one of our roles and our excellent levels of service too, we'd like to recognise your recommendations with a 'thank you' of our own. For every colleague you refer who then starts a role through Datasource either Contract or Permanent, we will send you £300!
You will be required to hold a minimum of SC / DV or Willing to undergo. If you do not hold an active SC / DV or Willing to undergo please familiarise yourself with the vetting process before applying.
(c) Copyright Datasource Computer Employment Limited 2018.
