L3 SOC Analyst / TH

Salary/Rate: £75,000 - £85,000 inc. on call allowance
Job type: Perm
Town/City: Remote
County/State/Region: Remote
Job ref: 1520
Post Date: 29.01.25

About the Role


Trident Search are working with an incredibly niche MSSP who specialise in threat detection. They leverage some of the best technologies on the market and are looking for someone who is incredibly analytical.
Working for this client, you will gain valuable experience detecting threats and aiding clients in mitigation and remediation processes. This is a technical position, and it will require you to get involved across all areas of blue teaming, from initial triage through to remediation, threat hunting and incident response (on call rota, 1 week in 5).

Location: Remote / London
Hours: 09:00-17:30 (on call responsibilities, 1 week in 5)


Responsibilities: 

  • Monitor, investigate and report potential cyber threats.
  • Communicate and escalate threats to clients, providing support and guidance where needed.
  • Maintain and support deployed advanced threat protection solutions.
  • Interpret and collate threat analysis into analytically concise incident and threat reports.
  • Maintain and improve the Advanced Threat Management Service offering to ensure a continued high level of service is delivered.
  • Aid pre-sales teams in selling threat detection solutions.

Requirements:

This position requires a detail-oriented, critical thinker who can anticipate issues and solve problems. You should be able to analyse large datasets to detect underlying patterns and identify cyber-attacks, malware, and threat actors, determining potential impact and developing remediation guidance.
 
  • Knowledge of current and emerging advanced cyber threats, attack and evasion techniques, command and control infrastructures and insider threat behaviour.
  • Understanding of typical malware functionality and capabilities.
  • Understanding of the tools and techniques used by SOC and Incident Response teams.
  • Forensic experience with full network packet capture tools and understanding of common network protocols.
  • Experience with typical security technologies, e.g. SIEM, NDR, EDR, firewalls, proxies, IDS/IPS (Snort, Bro), DLP, endpoint solutions, access control.
  • Solid understanding of large-scale networking technologies.
  • Solid troubleshooting skills in Windows, Linux, and network environments.
  • Knowledge of scripting languages (e.g., Python, BASH).
  • SANS GIAC or similar certification would be beneficial but not required.
If you're passionate about hunting and have strong technical knowledge, then please send Gareth Davies @ Trident Search a message and apply now.
