SOC Analyst - Inside IR35

SOC Analyst

Rate - £550 (a day)

Location - London (Hybrid)

Duration - 6 Months (Initially)

Ir35 - Inside (Must use an umbrella company)

Key Responsibilities:

Security Ticket Management: Support the Cyber Security Operations (Cyber Sec Ops) team in effectively managing and triaging security tickets. This includes analyzing and investigating security incidents, escalating as necessary, and ensuring timely resolution of issues in accordance with defined procedures and service-level agreements (SLAs).
Alerting and Process Refinement: Proactively suggest improvements to both alerting and tuning mechanisms to enhance the accuracy of security alerts. Contribute to refining operational processes, ensuring they align with evolving security threats and the organization's goals for incident detection and response.
Third-Party SOC Engagement: Act as a key point of contact for the third-party Security Operations Centre (SOC), providing expert advice and guidance regarding the organization's Function of Security (FOS). Foster collaborative relationships with external partners to ensure alignment with the organization's security policies and procedures.
SIEM Rollout Support: Provide support, as required, in the rollout and implementation of Sentinel as the Security Information and Event Management (SIEM) solution across the estate. Assist in integrating Sentinel into the existing security infrastructure, ensuring proper configuration and monitoring of security events.
SIEM and Data Connector Experience: Utilize your experience working with SIEM platforms to effectively monitor, analyze, and respond to security events. Leverage your knowledge of M365 Defender and associated data connectors to enhance threat detection, improve visibility across systems, and ensure the effective integration of security tools.
Cyber Reporting Contribution: Contribute to the preparation and presentation of monthly cyber security reports, ensuring the reports reflect high-quality content and insightful analysis. Provide valuable input into the report's structure, helping to highlight key trends, threats, and improvements in the security posture.
Threat Detection and Response: Continuously monitor security events and incidents within the organization's network and systems. Work alongside the SOC team to respond to emerging threats, ensuring timely identification, containment, and remediation. Participate in incident response activities and root cause analysis when required.
Continuous Improvement: Stay informed about the latest security threats, trends, and technologies to continually improve the security monitoring environment. Participate in ongoing training and development to enhance your technical expertise and understanding of the threat landscape.
Collaboration Across Teams: Work closely with cross-functional teams, including IT, network security, and risk management, to ensure that the organization's security posture is continuously evolving and improving. Share insights and collaborate to enhance the overall effectiveness of the security operations program