Cyber Security Operations Technician - SIEM (SC Cleared)
£300 - £360
Cyber Security Operations Technician - SIEM (SC Cleared), Splunk, ELK, Alien Vault, NAC, FIM, DLP, LAN/WAN, Snow, Unix, Linux, Apple, Windows, Technical, Incident Response, Monitoring, VoIP, Telephony, NAC, FIM, DLP, SIEM, Security Cleared, DV, Tier 1, Tier 2, Government, Public Sector, North West, Salford, Manchester
Performing monitoring, analysis and recovery procedures of security technologies.
Performing deep-dive incident analysis by correlating data from various sources.
Undertaking targeted cyber-attack analysis and response and coordinating incident response processes.
Leading a team of Tier 1 Cyber Security Analysts. Liaising with Tier 2 colleagues, the Cyber Security Operations Centre (CSOC) Manager and Deputy, the CSOC Operations and DevOps Team, as well as engaging key stakeholders and senior leaders.
* Configuring open source toolsets
* Utilising toolsets for analysis, e.g. SIEMs (Splunk, ELK, Alien Vault, etc.), IDS/IPS (network and host-based), NAC, FIM, DLP, vulnerability management, network monitoring, Cyber Security Case management (e.g. SNow).
* TCP/IP protocol suite, LAN/WAN technologies, switching, routing, VoIP and Telephony technologies, firewalls and VPN, intrusion prevention systems (IPS), vulnerability assessment, patch management tools.
* UNIX, Linux, Apple and Windows technologies.
* Protocol analysers and analysing output.
* Monitoring, analysis and recovery procedures of security technologies.
* Performing deep-dive incident analysis, correlating data from various sources
* Targeted cyber-attack analysis, response, and coordinating incident response processes.
Key Skills / Experience
* Have a minimum of 5 years' experience in a Cyber Security Operations Centre.
* Security Information and Event Management (SIEM) platforms, and Case Management
* Functional experience performing monitoring, analysis and recovery procedures of security technologies
* Functional experience performing deep-dive incident analysis, correlating data from various sources