Security Operations Centre Analyst - SOC

CyberCrowd is a well-regarding specialist within the Cyber Services Industry, and was formed in 2016. Currently based in Newbury, Berkshire; the company has recently moved to impressive new premises in the heart of this historic town, which houses a state-of-the-art Security Operations Centre adhering to high level of Government Standards. CyberCrowd have a wealth of experience and extremely talented team delivering a range of services, which include Penetration Testing, Consultancy, ISO Certification, Transformation, Managed SOC/MDR and Training.

Cybercrowd is an information risk, data protection and cyber security services provider. We help organisations to improve their cyber resilience and data protection practices.

Every engagement is focused on delivering an outcome that works in the context of the organisation, business model, culture, working practices and approach to risk.

As a SOC Analyst, working as part of a versatile and agile threat defence team you will be operate at the front-line of cyber security for. Actively reviewing and analysing data to identify potential threats for our customers, monitoring and assessing cases, correlating observables, mitigating and defending against malicious cyber activity and adapting to an ever-changing threat landscape. You must be inquisitive, eager to learn and possess a clear passion for the security industry. The role is based upon a 24/7/365 shift pattern, shift hours are 07:00 19:00 / 19:00 07:00, on a pattern of 4 days on 4 off.

Requirements

Reporting to the Security Operations Manager, the SOC analyst will work within established monitoring and response frameworks to enable the timely and effective response and management of incidents, alarms, notifications, calls and all other activities related to the SOC including new and emerging cyber threats.

The day-to-day deliverables of the role include:

Monitor alerts on a 24x7 basis from different sources and respond to those in a timely manner

Escalate applicable incidents following the appropriate escalation process ensuring response SLAs

are maintained.

Ensure cyber playbooks/runbooks are utilised for the most common/prevalent attacks.

Action all support tickets in a timely manner as dictated by SLAs, ensuring case information is

correct and up to date.

Actively engage with customers on potential ongoing security incidents

Proactively analyse event data to adapt and improve current detection coverage

Work with internal partner teams with customer outcomes at the centre

Operate in a rotating 24x7 shift environment to include daytime, night-time, and weekend work

To perform any task as directed by the SOC Manager

To successfully deliver the role you will need to be able to demonstrate the following;

A technical background, ideally experience or education of working in a SecOps environment and the ability to react to any alerts and/or suspicious activity.

Excellent written and verbal communication skills to support the production of customer reports

A good understanding of IT infrastructure fundamentals such as networks, operating systems and databases

The ability to work under their own initiative, as part of the team knowing when to seek guidance.

An eagerness to develop and grow your career,

Ideal but not essential;

Any cyber/information security certification or relevant degree (e.g. SEC+, Network+, SSCP)

Previous experience of working in an established SOC

Exposure to corporate IT infrastructure

Knowledge of security technologies (e.g. AV, SIEM, IDM, IPS, F/W, SSO, DLP)

Benefits

• Modern Office Working Environment (with breakout areas, recreational activities and kitchen facilities)
  
• Hybrid/Remote Working Opportunities available
  
• Company Contributory Pension
  
• Generous Holiday Entitlement Per Annum (with additional day added with every Year of Service)
  
• Day-Off for your Birthday Every Year (in addition to allocation)
  
• Paid for Bank Holidays per annum (Full Calendar Allocation)