DV Cleared SIEM/ Incident SME Analyst 00254732 Corsham

Premium Job From Computer Futures


Computer Futures

Listed on

22nd May




£650 - £670



Start Date


This job has now expired please search on the home page to find live IT Jobs.

Role Description: Main Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium The Cyber role is to join a growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of junior analysts, monitoring networks to actively remediate unauthorised activities. Your role Develop and integrate security event monitoring and incident management services.Respond to security incidents as they occur as part of an incident response team.Implement metrics and dashboards to give visibility of the Enterprise infrastructure.Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools.Produce documentation to ensure the repeatability and standardisation of security operating procedures.Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis.Maintain a baseline of system security according to latest threat intelligence and evolving trends.Participate in root cause analysis of incidents in conjunction with engineers across the enterprise.Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices.Offer strategic and tactical security guidance including valuation requirement of technical controls.Be part of the CRM processLiaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident.Document, validate and create operational processes and procedures to help develop the SOC.Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources.Build, install, configure, and test dedicated cyber defence hardware.Support Junior Analysts to manage SOC systems.Previous experience of Enterprise ICS/network architectures and technologies * Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning.Experience as a mentor/coach to junior analysts Your profile Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks * Skilled in maintaining Microsoft directory services.Skilled in using virtualisation software.Knowledge of key security frameworks (e.g. ISO, NIST 800-53, 800-171, 800-172, C2M2) * Excellent communication skills * Experience of writing Defence/Government documentation Desirable Qualifications:Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent) * SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent) * Advanced Analyst Course (SANS SEC503 or equivalent)Active DV Clearance2 days a week on sitePlease click here to find out more about our Key Information Documents. Please note that the documents provided contain generic information. If we are successful in finding you an assignment, you will receive a Key Information Document which will be specific to the vendor set-up you have chosen and your placement.To find out more about Computer Futures please visit www.computerfutures.comComputer Futures, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy | Registered office | 1st Floor, 75 King William Street, London, EC4N 7BE, United Kingdom | Partnership Number | OC387148 England and Wales

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below: