Sitec has a requirement for a 2nd Line Security Analyst - DV Cleared working for our client based in Corsham, Wiltshire.
This is a contract position for an estimated 6 months.
ROLE ACTIVITY - 2nd Line Security Analyst - DV Cleared
* When required perform initial triage/identification of 'Events of Interest' using the SOC toolset
* Complete analysis/correlation of 'Events of Interest' to identify incidents
* Ensure that all events, events of interest, exceptions & incidents are responded to in accordance with established SOC work instructions, including remedial action/recommendations.
* Create and follow Playbooks
* Complete post incident reporting.
* Provide log analysis to support SOC services (including threat hunting)
* Responsible for SOC work instructions, ensuring they are reviewed & amended.
* Maintain currency in security concepts, tools and best practices
* Produce reports (as per templates) & vulnerability/trending analysis as requested by UK SOC Mgr or key stakeholders.
* Present & review reports to internal & external key stakeholders
* Complete tooling configuration changes including but not limited to filters/tuning/dashboards as authorised.
* Carry out minor tool maintenance as directed by SOC lead engineer.
OTHER INFORMATION (SHIFT REQUIREMENT/ TRAVEL)
There will be a Days and Nights rotation, with 2 free weekends per month. Upon application, we can discuss the shift pattern in more detail.
The role may involve occasional travel to the site in Newport, South Wales.
* SIEM - ArcSight Analyst
* In depth knowledge of Intrusion Prevention Systems (Analysis)
* Firewall / Cisco ASA
* TCP/IP Fundamentals
* ITIL Fundamentals (or equivalent)
* CompTIA Security+ (or equivalent)
* CompTIA Network+ (or equivalent)
* Wireshark Packet Analysis
* SANS SEC401: Security Essentials (or equivalent)
* SANS SEC503: Intrusion Detection in-depth (or equivalent)
* SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (or equivalent)
* SANS SEC401: Security Essentials
* Ethical Hacker (CEH)
* Cisco Certified Network Associate CCNA
* FIAHMG - Fundamentals of Information Assurance in HMG (leading to CCP)
* CREST (Registered Intrusion Analyst) (CRIA)
* SANS SEC501: Advanced Security Essentials
* All Analysts/Engineers from level 2 onwards are expected to be able to present and write professional reports to key.
* All staff are expected to exercise good time management and work as part of a team
Due to the nature of the work, the successful candidate will need to be DV cleared before starting.
This vacancy is being advertised by Sitec.