XDR Security Analyst
Summary
Today, it is an unavoidable fact that your business critical infrastructure and systems are at risk of attack. The key to good security is a clear understanding of what is most critical to the business. Where you do not have enough internal resources, time or skills to monitor and manage your IT environment 24/7, NCC Group can help, freeing up your skilled employees to focus on value-add activity.
NCC Group provide a range of managed and hosted services delivered from our UK based Security Operations Centre SOC which operates 24/7, 365 days a year. Our team of over 30 accredited security experts are available 24/7, dealing daily with over 200 million log events and providing support for over 5,000 network devices.
NCC Group’s Cloud XDR Team provide a world class Extended Detection and Response (XDR) services; detecting, responding and mitigating cyber-attacks on our customers networks in our Security Operations Centres using the Microsoft Sentinel ecosystem.
The Cloud XDR Team are looking for XDR Security Analysts with a passion for security to join the team to help the customers get the most out of our services and to protect their networks.
This is an opportunity to join a technically advanced and talented team and help NCC Group build and deliver world class services to our customers.
This role is ideal for a seasoned SOC Analyst with experience in cyber security looking to broaden their scope of cyber skills with a strong focus on detection and response to cyber incidents.
Primary Responsibilities
- Monitor global systems looking for potential threats, vulnerabilities and indicators of compromise.
- Perform in-depth analysis of security alerts utilizing Microsoft XDR suite (Sentinel/Defender etc)
- Provide Incident remediation and prevention documentation and recommendations to customers based on defined procedures and analyst experience.
- Document and conform to processes related to security monitoring procedures.
- Provide customer service that exceeds our customers’ expectations at all times.
- Initiate escalation procedure to counteract potential threats, vulnerabilities and threat actors.
- Compilation and review of service focused reporting.
- Act as an escalation point for more junior members of the team, providing assistance and mentoring where necessary.
- Providing assistance to Senior Cyber Security Analysts on Threat Hunting engagements.
- Contributing to the continuous improvement of SOC procedures and documentation.
- Perform other duties as assigned.
Experience / Skills
- Practical knowledge of security and networking toolsets such including Microsoft's XDR suite (Sentinel/Defender)
- Pre-existing, in-depth knowledge of common network protocols and endpoint detection/forensics
- Pre-existing, in-depth knowledge of Windows and Linux based operating systems.
- Experience in the extensive analysis of common security incidents.
- Experience in endpoint
- Ability to stay calm in highly sensitive and high pressure incidents.
Certifications
The following certifications are desirable, but not a requirement. Successful candidates that do not possess these Certifications may be tasked with working towards them at the beginning of their employment:
- Azure based certifications (SC-200,AZ-500,MS-500)
- CREST CPSA / CRIA / CMRE / CNIA / CHIA
- CompTIA Security+
- CompTIA Network+
- Other relevant certifications.
Other Information
- Please be aware that this position is based on a 24 x 7 x 365 shift roster.
About NCC Group
We are a global expert in cyber security and risk mitigation, working with businesses to protect their brand, value and reputation against the ever-evolving threat landscape. With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate & respond to the risks they face. We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security.
Headquartered in Manchester, UK, with over 35 offices across the world, NCC Group employs more than 2,000 people and is a trusted advisor to 15,000 clients worldwide.
If your skills and experience meet the needs of the role requirement, we will endeavour to respond to every application within 10 working days. However, if you haven’t heard back from us within this timeframe on this occasion your application has unfortunately been unsuccessful, but please do continue to keep an eye on our career opportunities as there may be other more suitable roles.
We may also store your CV on our database for any future vacancies. Please email if you do not want us to retain your details. All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
*** Please note that this role has background clearance as mandatory due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process ***