Senior Security Analyst

Location: United Kingdom
Job Type: Permanent
Salary: £65000 – £85000
Sector: Business Services

Contact Details

Name: Sam Finn

Are you a passionate Senior Security Analyst with knowledge of Sentinel? Are you looking to work with an organisation that serves leading brands globally? I am currently working with a leading MSSP looking for a SOC Analyst to join their 24/7 team.

Job Responsibilities of the Senior Security Analyst

· Operate as part of the SOC monitor shift team, providing 24/7 proactive defensive monitoring to clients of all shapes, sizes and industries

· Utilise Microsoft Sentinel and Defender ATP to protect our clients, respond to alerts and maintain an effective defensive monitoring posture

· Work with Junior Analysts to support them as necessary

· Act as a Lead on Incident Response for customers

· Generate detailed, jargon-free incident reports from your investigations within service level agreements, and with applicable recommendations, mitigations and remediations

· Maintain regular verbal and written communications with stakeholders, representing the business internally and externally as required

· Create high-standard management and operational reports in a timely, concise, and actionable manner

· Create and maintain use-cases, detections, threat hunts and playbooks using industry best-practice, detections frameworks and emerging threat intelligence

· Maintain an up-to-date, threat-centric global security awareness, including defensive monitoring technologies and trends

· Support the updating and fine-tuning of use cases, detections, and playbooks in line with changes in the threat landscape, working with the DevSecOps team

Desirable Skills and Experience of the Senior Security Analyst

· Previous experience working in a SOC environment

· Knowledge of Microsoft Sentinel (required) and Defender ATP (beneficial)

· Experience undertaking Incident Response and Triage activities

· Familiarity with SIEM, EDR, EPP, AV and NetMon tools – usage, analysis and log formats

· Understanding of attack vectors, with the ability to differentiate between normal and abnormal activity, providing recommendations on countermeasures and remediation activities

· Knowledge of KQL queries is beneficial

· Security certifications are beneficial