As a security analyst you will form part of a team which is led by a security operations lead you will be the first point of defence for the company's security operations Centre as a fast growing company we face growing threats every day the role of the analyst will be important as they will be the first in dealing with incoming security alerts of threats.
This is a new project where Cloudpay are building a new SecOps department to maintain the company's security infrastructure exciting and challenging role for someone who already has experience as analyst and working with SIEM environment they will get to help fight and maintain our defence and develop their skills and exposure to a new SIEM development and further their professional career as an analyst this role would suit someone who has 3-5 years of security experience working inside a SOC or Cybersecurity experience working with mainstream SIEM tools like Qradar, Splunk, Arcsight, Open Source tools like Wazuh a bonus an understanding of SOC workflow, confluence, Jira, Linux, Windows, AWS services. If you feel you have the skills and experience that match the role, please get in touch.
**Daily Duties and Main Responsibilities will include**:
- Monitor cyber information, events, alerts, and ticketing queues to identify security events and threats across multiple technologies to ensure security incidents are identified in time.
- Proactively research and maintain a proficiency in current and emerging threats, vulnerabilities and security technology developments.
- Evaluate and utilize intelligence for new threats and vulnerabilities to ensure protective monitoring is capable of detecting potential new attacks.
- Provide assurance of security posture through monitoring security system status.
- Respond to tickets and incidents as assigned. Support the incident and problem response process through to closure to escalation; work with internal and external individuals in preparation and when necessary remediation/suppression.
- Support, maintain, and tune security tooling and systems as assigned. Support and maintain operational procedures and documentation.
- Ensure timely accurate communications of alerts to stakeholders responding to escalations or will escalate if required as per the agreed processes.
- Work collaboratively with teams to position information security as a key enabler within each service area. Make recommendations of countermeasures, mitigating controls, best practice configuration and processes to improve operational effectiveness and efficiency within security operations Proactively support the secure delivery of BIS strategies and delivery objectives.
**Attributes and Experienced Required**:
- 3-5 years' experience working as analyst working in a SOC important
- Experience in using SIEM tools
- Good understanding and working knowledge of Linux, Windows and AWS environments
- Must have security monitoring experience, triage and ticketing experience in ISMS environment
- Experience following and building on security processes and playbooks.
- Certification Network+, Security+ CEH or equivalent experience demonstrable
- Technical understanding of network security HLD
- Experience with NIST & MITRE attack framework
- Important to have team building and teamwork skills
- Be a self-starter and prioritize tasks
- Communicate technical information to non-technical colleagues
- Important to have client communication skills
- Vulnerability Management
- Pen testing skills
**Desirable skills/experience**
- Experience working in PII, PCI-DSS, GDPR compliance environments
- REGEX scripting
- Wazuh rule development
- Nessus configurations
- Wireshark
- WAF
- Application API security Red/Blue Team
**Package and Benefits**:
- Competitive annual salary and benefits package
- 15 vacation days plus public holidays
- Birthday leave
- Flexible remote working
- Private Medical, Dental and Life Insurance
- Personal and professional development opportunities
- Friendly working environment