World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 2x SOC Threat Detection Analyst subcontractors on an initial 12 month contract.

This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line.

This role would suit someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background.

Hourly Rate:£81.35 per hour

Contract Duration:12 Months

Shift pattern:6.00am - 2.00pm & 2.00pm - 10.00pm / 5 days a week on site.

SOC Threat Detection Analyst Job Description:

An opportunity has arisen in the Cyber Security Operations Centre (SOC) within Information Management (IM) for a Cyber Threat Operations specialist. Supporting the Active Defence & Incident Response Manger in assisting IM meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat hunting, detection and analysis within the 24x7 SOC.

Responsibilities:

To support the Active Defence Incident Response Manager in assisting Information Management UK meet the challenges and demands of countering the Cyber Threat. Support for the operational functions of the UK SOC. To work with other UK SOC members, including the UK InfoSec Team and the IM Domains (Customer Support and Infrastructure / Information Systems).

It will cover Threat hunting, analysis, monitoring, Optimising, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies.

The Cyber Threat Operations specialist reports to the Active Defence & Incident Response Manager. The Cyber Threat Operations specialist conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff.

The Cyber Threat Operations specialist key responsibilities are:

• Conduct proactive Threat Hunting in collaboration with the CTI function
• Lead Optimisation of the Threat Detection rulesets working with the ISR function
• Assist with the maintenance of Security technologies
• Assisting the SOC Team with project activity
• Supporting the Incident responder with HR and InfoSec related investigations
• Attend routine security meetings

Skillset/experience required:

• A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications.
• Demonstrable experience with YARA and Sigma rulesets
• Knowledge of IT Security standard methodologies.
• Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S.
• Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools.
• Hands on experience with IDS/IPS technologies and threat hunting activities.
• Strong analytical experience and mind-set.
• Experience within Defensive Cyber-attack methodologies and frameworks.
• Understanding of Malware capabilities, attack vectors, propagation and impact.
• Good communication skills liaising with the business and suppliers.