Job Description
Job Title: Cyber Security Analyst (R2)
Summary
Today, it is an unavoidable fact that your business critical infrastructure and systems are at risk of attack. The key to good security is a clear understanding of what is most critical to the business. Where you do not have enough internal resources, time or skills to monitor and manage your IT environment 24/7, NCC Group can help, freeing up your skilled employees to focus on value-add activity.
NCC Group provide a range of managed and hosted services delivered from our UK based Security Operations Centre SOC which operates 24/7, 365 days a year. Our team of over 30 accredited security experts are available 24/7, dealing daily with over 200 million log events and providing support for over 5,000 network devices.
We are specialists in SIEM, our services backed by our EDGE methodology built up through dozens of major deployments and hundreds of use cases with many of the UK’s largest companies. We are the UK’s largest DDI service provider and the leading integrator for Carbon Black, Splunk, Log Rhythm, Defender ATP and Azure Sentinel in the UK.
We provide a single point of contact for all of your managed security needs and can work with you to define and achieve you own individual security requirements. Our team of experts provide proactive monitoring and reporting, monitoring your equipment to ensure maximum availability and responding to calls to support change requests and helping diagnose system issues.
Read more about the services offered by the NCC Group Security Operations Centre here: https://www.nccgroup.trust/uk/our-services/security-consulting/managed-and-hosted-security-services/
Primary Responsibilities
§ Monitor global IDS, Network Intruder, Firewall, DDoS detection and mitigation, availability and SIEM platforms looking for potential threats, vulnerabilities and indicators of compromise.
§ Provide Incident remediation and prevention documentation and recommendations to customers based on defined procedures and analyst experience.
§ Document and conform to processes related to security monitoring procedures.
§ Provide customer service that exceeds our customers’ expectations at all times.
§ Initiate escalation procedure to counteract potential threats, vulnerabilities and threat actors.
§ Compilation and review of service focused reporting.
§ Act as an escalation point for more junior members of the team, providing assistance and mentoring where necessary.
§ Providing assistance to Senior Cyber Security Analysts on Threat Hunting engagements.
§ Contributing to the continuous improvement of SOC procedures and documentation.
§ Perform other duties as assigned. Experience / Skills
§ Practical knowledge of security and networking toolsets such as SIEM, IDS, Vulnerability Management,
Availability Monitoring, packet capture and other threat detection technologies.
§ Pre-existing, in-depth knowledge of common network protocols.
§ Pre-existing, in-depth knowledge of Windows and Linux based operating systems.
§ Experience in the extensive analysis of common security incidents.
§ Ability to stay calm in highly sensitive and high pressure incidents.
§ Experience with Sentinel, Carbon Black, Zendesk, Proofpoint, Sophos and Splunk is desirable but not required.
Certification
The following certifications are desirable, but not a requirement. Successful candidates that do not possess these certifications may be tasked with working towards them at the beginning of their employment:
§ CREST CPSA / CRIA / CMRE / CNIA / CHIA
§ CompTIA Security+
§ CompTIA Network+
§ Degree in related field.
§ Other relevant certifications.