SOC Analyst - Fully Remote

SOC Analyst - Fully remote UK (£50,000 - £70,000 + Bonus)

You will be responsible for monitoring clients network and endpoints for security alerts, investigating incidents, and assisting in incident response. You will also play a vital role in maintaining and optimizing our security information and event management (SIEM) platform. While previous experience in a Managed Security Service Provider (MSSP) environment is advantageous, it is not a strict requirement.

Key Responsibilities

• Utilize a SIEM platform (LOGRHYTHM) to monitor the client's network and endpoints for security alerts, and conduct thorough investigations when incidents occur.
• Serve as the first-tier responder for incident analysis and investigation, escalating issues as necessary.
• Contribute to containment strategies during security incidents, data loss, or breaches.
• Assist in the design and implementation of SIEM use cases to enhance detection capabilities.
• Ensure the SIEM platform's health through daily checks and proactive maintenance.
• Employ various applications and systems, including firewalls, IDS, NAC, and encryption programs, to protect sensitive data and perform deeper investigations.
• Collaborate closely with the SecOps Team and engage with specialists to support security control operations.
• Assist in preparing reports documenting security incidents and their impact.
• Support Senior Security Analysts by providing guidance on threats, vulnerabilities, and security changes.
• Stay updated on the latest information security trends to assess their potential impact on the client's environment.
• Participate in an on-call incident response team on a rotational basis (fortnightly).
• Generate relevant reports, including end-of-day summaries, handover reports, management intelligence, and threat and risk analyses.
• Liaise with third-party vendors when necessary to troubleshoot SIEM platform issues.
• Ensure all deliverables align with agreed-upon KPIs and SLAs.
• Follow the lead analyst's direction on the account(s) and assist with other services as required.

Qualifications

• Solid knowledge and understanding of the IT industry and its business needs.
• Strong grasp of information technology and information security concepts.
• Familiarity with security risks and preventive controls.
• Understanding of Firewalls, IDS, NAC, as well as MacAfee EPO and HIPS (advantageous).
• Excellent comprehension of security operational processes and controls.
• Knowledge of the Cyber kill chain, Malware toolkits, Attack surface, and Attack vectors.
• Familiarity with processes for malware analysis and reverse engineering.
• Effective communication skills, with the ability to engage with stakeholders at varying operational levels.
• Team player with the ability to work independently.
• Willingness to follow established processes and enhance them as needed.
• Industry-recognized accreditation or higher education qualification, such as a Cyber Security-related degree, Network+ Sec+, ITIL, or equivalent demonstrable experience.
• Experience working in compliance-driven environments, such as PCI DSS, FSA (UK), and ISO.
• Applicants must be UK-based and able to pass a 3-year security background check.

Required Experience

• Proven 2 years of experience in a similar role, preferably within the Managed Security Service industry.
• Experience providing Managed Security Services or working in Threat/Risk Management environments, with a preference for SIEM platform exposure.
• Proficiency in monitoring security events, analyzing alerts, and managing security incidents, including incident prioritization and escalation.
• Knowledge or experience with Threat Detection and Hunting methodologies.
• Experience supporting Incident and Change Management processes.

SOC Analyst - Fully remote UK (£50,000 - £70,000 + Bonus)