Senior Information Security Analyst

Posted 3 months ago

Opportunity: Senior SOC Analyst (Level 3)
Location: Crawley, United Kingdom
On Site: Yes
Salary: £65,000 plus bonus and doubled pension contributions

We're working with our client in the renewable energy space, who have a new Senior SOC Analyst opportunity. This would be a great opportunity for an experienced Level 3 analyst, or a Level 2 SOC Analyst who is ready to step into a Level 3 position. You'll be working with a team of collaborative, like-minded professionals who are tooling agnostic and solve problems as and when they come in.

Key Responsibilities:
- Analyse and assess multiple threat intelligence sources and indicators of compromise (IOCs) to identify new threat patterns, vulnerabilities and anomalies. Using this intelligence and the available tools, search the business environment to find and remove 'hidden' threats that may have initially evaded detective controls.
- Develop and create SOC policies, technical standards and procedure documentation in line with current industry best practice.
- Work with the MSSP and service owners to ensure all log sources are onboarded into the SIEM solution.
- Create alert use cases that correlate suspicious activity across assets and environments to identify patterns of anomalous behaviour.
- Improve security incident response playbooks and processes; lead the response to escalated alerts and high-severity incidents; and provide senior-level response activities such as incident tracking, partner communication, remediation oversight, reporting and applying lessons from root cause analysis.
- Support and develop the business's SOAR platform, produce new automation workflows in the SOAR tooling for common attack types, and enhance operational playbooks for efficient security event correlation and enrichment.
- Identify, analyse and report on serious cyber incidents.
- Perform forensic analysis on data from multiple sources, and present reasoned action and response activities to contain and eradicate threats from the business's network systems.
- Participate in regular cyber-attack simulations to test organisational resilience and improve cyber defences and preparedness.
- Promote continuous improvement of security operations reporting, including dashboard creation and the development of key security and performance metrics.
- Support the technical implementation, maintenance and configuration of security tools to aid effective threat prevention, detection and response.
- Develop creative solutions to automate security event monitoring, detection and response, and review security event use cases and log correlation.

Key experience and qualifications for success:
- Knowledge of adversarial tactics, techniques and procedures (TTPs) and of industry-standard frameworks (e.g. MITRE ATT&CK).
- Hands-on knowledge of SIEM and SOAR solutions and of Identity and Access Management and Data Loss Prevention technologies, including FortiSIEM, QRadar, McAfee Web Gateway, McAfee ePolicy Orchestrator, Darktrace, Microsoft Defender and Microsoft Sentinel.
- Experience working with security technologies including SIEM, SOAR, EDR, NAC, AD, DLP, AV, IDS/IPS, web filtering, email filtering, behavioural analytics, TCP/IP protocols, network analysis, and network/security applications.
- Experience developing incident response playbooks and processes, Security Orchestration, Automation and Response (SOAR), red-team exercises and table-top crisis war games.

As dedicated recruitment professionals, we prioritise confidentiality. InfoSec People values diversity, equity and inclusion (DE&I). Please share any information or accessibility needs that would aid your process; we'll do our best to cater to specific requirements.

For further details, please send the most current version of your CV and a good time to speak to Becca at InfoSec People, or click apply or get in touch with Becca for an open, honest and confidential conversation.
📞 01242 507109
📧 #####