Key Privacy Information

When you apply for a job, ComputerJobs will collect the information you provide in the application and disclose it to the advertiser of the job.

If the advertiser wishes to contact you they have agreed to use your information following data protection law.

ComputerJobs will keep a copy of the application for 90 days.


 

Job Details

 

SIEM - Cyber Security Analyst - Monitoring/Threat Assessment (Contract)

Location: City of London
Country: UK
Rate: £400 - £500 per day + Umbrella/PAYE (Inside IR35)
 

SIEM - Cyber Security Analyst - Monitoring/Threat Assessment

A leading FTSE 100 business is looking to hire a Cyber Security Analyst with specific experience in monitoring a Security Information and Event Management (SIEM) system.

  • 6 month contract (scope to roll)
  • Paying between £400 and £500 per day (Inside IR35 - PAYE or Umbrella)
  • The role is Hybrid working (4 days a month in the office)
  • 12 hour rolling 5 week shift pattern

Key responsibilities of the position

  • Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System.
  • Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing.
  • Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes.
  • Deliver first level investigation and remediation activities as a member of the Security Incident Response Team.
  • Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of Firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT.
  • Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability.
  • Follow a documented process for routine scanning of Inmarsat infrastructure and network elements.
  • Develop mitigation and remediation plans as a result of the vulnerability assessment findings.
  • Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure.
  • Analyze reports to understand threat campaign techniques and lateral movement, and extract indicators of compromise (IOCs).
  • Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform.
  • Document information security operations policies, processes and procedures.
  • The post will require joining a 24/7 shift rota covering daytime, night time, and weekend work (adequate notification will be provided).

Qualifications

Essential Knowledge and Skills:

  • A University degree level education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis.
  • Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false positives.
  • A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous.
  • Intermediate knowledge of Information Security fundamentals, technologies, and design principles.
  • Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms.
  • Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents.
  • Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and misconfigurations.
  • Willingness to learn new skills and be self-motivated.
  • Ability to work in a team environment, to work under pressure and show flexibility.

Posted Date: 15 May 2024
Reference: JS-BBBH106290
Employment Business: Harvey Nash IT Recruitment UK
Contact: Thomas Ullyott