L2 SOC Analyst
Salary/Rate:£57,500
Job type:Permanent
Town/City:United Kingdom
County/State/Region:United Kingdom
Job ref:1068529
Post Date:13.11.24
About the Role
Trident Search are currently recruiting for a Level 2 SOC Analyst position. The role works a two-shift pattern, covering an early shift from 8am to 4pm and a later shift from 11am to 7pm.
The ideal candidate is someone currently operating at an L2 position who is looking to move into a busier environment. Here you will have to isolate multiple devices daily, and you can expect actual breaches every week.
Salary: Up to £50k + 15%
Responsibilities.
- Monitor and analyse traffic and events/alerts and advise on remediation actions.
- Investigate intrusion attempts and perform in-depth analysis of the attempt by correlating various sources and determining which system or data set is affected.
- Carry out Incident Response actions upon client infrastructure to mitigate and contain verified incidents or intrusion attempts.
- Conduct proactive threat research, with the goal of ingesting additional IoCs or creating detection rules based on threat actor TTPs.
- Analyse a variety of network and host-based security appliance logs (Windows Security Events, Sysmon, firewalls, NIDS, syslog, etc.) to determine the correct remediation actions and escalation paths for each incident, or how to effectively tune out false positives without hindering the effectiveness of the ruleset.
- Create playbooks and workbooks within the Azure Sentinel Solution
- Assist with the development of processes and procedures to improve incident response times, incident analysis, and overall SOC functions.
- Create monthly Managed Detection and Response (MDR) reports for clients.
- Support L1 analysts when they escalate true positives, and offer confidence in triage, investigation, escalation and remediation.
Requirements.
- Experience with SIEM and EDR solutions (Azure Sentinel, CrowdStrike, Darktrace).
- Proven experience conducting thorough investigations across multiple incidents
- Organizational skills and time management/prioritization.
- Pro-active in maintaining their workload.
- Solid foundation in core Information Security aspects (general investigation process, overview knowledge of surrounding technologies and frameworks used to improve an organisation's security posture, and pain points faced within the industry).