Orange Cyberdefense is Europe's leading cyber security services and solutions provider, and we are currently looking for a CyberSOC Security Analyst to join our team in Maidstone.
The CyberSOC Security Analyst's function is to identify, analyse and notify our customers of Attacks or Compromises that are reported on our SIEM platform and via Threat Hunting activities. To investigate, interrogate, review and analyse all data that could potentially be an indicator of attack or compromise, or simply signs of suspiciousness.
The Security Analyst's responsibility is to look for the needle in the haystack via our SIEM and related platforms and provide actionable intelligence and information around true signs of the bad guys.
Your key responsibilities as a CyberSOC Security Analyst will be:
- Triaging and investigating alarms on the Managed Threat Detection platform, providing quality information to clients based on the data within the MSIS platforms
- Assessing the severity of risk in a priority-based ticket and pursuing actions efficiently, enabling the client to make informed decisions regarding seriousness and impact of the threat, and providing recommendations to assist with investigation and mitigation
- Attending designated client service reviews to provide ongoing assistance, ensuring that the customer understands the full extent of our capabilities and to help them obtain the maximum value from what our service can offer
- To undertake daily threat hunting routine investigations and work on threat hunting campaigns
- To review all operational alarms to ensure that client's networks are always forwarding log data
- To work with the client to ensure that they understand the information and context that is provided to them and that the follow up actions are followed through
- Management and delivery of cyber security reports
- Review Orange Cyberdefense Threat Advisories and campaigns provided by research teams; and identify and write detection methods for implementation by the SIEM platform team within the CyberSOC platform
- Ongoing tuning activities; communicating to the SIEM platform team relating to global and customer-specific rules to ensure efficient running of the platform.
- To assist with the design, implementation and support of extended capabilities like Canaries and Domain Squatting
To join us as a CyberSOC Security Analyst, you must hold the following qualifications and experience:
- You must have prior experience in Security Analysis
- You will hold either a Computer Science, Engineering, Cyber Security or Forensics related University degree
- You must have operational experience working with the SIEM platform from an analysis perspective
- You will ideally have extensive experience with LogRhythm
- You will have a basic understanding of Security Operations, including either Vulnerability Scanning, IDS/IPS, Threat Detection, DFIR or Threat Hunting
- Experience coding basic scripts in a language like Python or equivalent
- You will have a basic working knowledge with real-world enterprise IT including Windows and Linux OS, IP networks, firewalls, Active Directory and the like
- You will have an inquisitive mind and ability to analyse log data and relate back to existing vulnerabilities (eg Wannacry Ransomware)
- Knowledge of current attack vectors and methodology
- You will ideally have experience of working within a CyberSOC or similar client facing role
By joining one of the world’s leading cyber security companies as a CyberSOC Security Analyst, you will be offered the following:
- An opportunity to join a forward-thinking company and a role that allows for a deeper understanding of the industry
- Competitive salary
- A supportive work environment, working alongside industry experts
- Private medical healthcare
- Health cash plan
- Company pension
- Life insurance
- A free annual eye test
- Company events several times per year
- Cycle to work scheme
- Employee discount scheme
Please send your CV now for immediate consideration.