CSOC Analyst at Content+Cloud

Description

• The candidate will be an active member of CSOC (incl. NOC) using a variety of security and network platforms to meet the requirements of the business and its customers.
• This is a hands-on role and requires broad technical knowledge, skills and abilities across modern IT systems and infrastructure.

General responsibilities

• Participate within a multi-disciplined environment (CSOC / NOC) identifying, owning, progressing and resolving security and network incidents.
• Perform prompt and effective incident triage and investigation applying sound problem-solving methods to determine scope, urgency, and potential business-impact.
• Maintain and operate a wide variety of platforms and toolsets across CSOC and NOC
• Work with internal and external stakeholders to resolve security and network incidents and vulnerability compliance.
• Drive customer satisfaction and continuously seek to improve operational performance.
• Collaborate with other teams to maintain service standards and functionality.
• Initiate, update, approve and maintain knowledge articles within the prescribed ITSM tool
• Ensure Service Level Agreements (“SLAs”) are met internally and per customer requirements
• Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs and vulnerabilities.
• Provide technical support for the identification, triage and response to events or incidents of a suspicious or malicious nature, and apparent security breaches.

Requirements

• Hands-on skills and experience with a SIEM platform (Azure Sentinel, Splunk, AlienVault, QRadar, LogRhythm)
• Hands-on experience with the use of Endpoint Detection and Response or SOAR platforms in threat detection and prevention
• Demonstrable knowledge of the MITRE ATT&CK framework and OWASP
• The ability to work on a 24 x 7 shift rota
• Excellent soft skills in the form of team working, problem solving and communication.
• A keen self-starter who can evidence excellent customer service and can collaborate effectively.
• A good understanding of process, change and problem management
• Demonstrable network security knowledge: IDS/IPS, firewalls, remote access, VPN, network monitoring, vulnerability scanning, anti-malware
• Good working knowledge of Windows and Linux OS, TCP/IP, DNS, HTTP(S), SNMP and server virtualisation (Hyper-V/VMware)
• One or more of the following industry certifications:
• CompTIA Security+, Network +, A+, Microsoft Certified Associate or higher, Cisco CCNA or above.
• Confident working experience across the following technology stacks:
• Networking and Firewalls – Cisco, Dell, Fortinet
• Microsoft Servers 2012-2019
• Cloud platforms – O365, Azure, AWS, Mimecast
• RMM and Professional Monitoring toolsets
• Data Protection | Backup solutions – Backup Exec, VEEAM, Microsoft, DPM, Microsoft Azure Backup Server, Azure Site Recovery

Desired working experience:

• An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS
• Good working experience with Fortinet, Cisco Meraki, Switching (HP, Juniper), Firewalls (Cisco, Juniper, Palo Alto)
• Experience in cloud architectures (Azure, AWS) and engineering solutions
• Having achieved at least a BSc or MSc in Cyber Security incorporating Ethical Hacking, Digital Forensics or Information Security

Benefits

• Salary dependent on experience
• Role based out of our Century City offices (currently working remotely)
• 40 - 45 hours per week (This will be a mixed early and late shift rotation, over a 4 days on, 4 days off pattern - The shift times will be discussed at interview stage)
• 20 days’ annual leave
• Multiple HIIT, general fitness, yoga and meditation classes run virtually each week! (In addition to other wellness events and other social activities...)
• Continual professional development plans

Good luck and please bear in mind we receive a very high number of applications; we will endeavour to get back to all applicants, however, we thank you for understanding this is not always possible for unsuccessful applicants.

Content+Cloud is proud to be an equal opportunity workplace that is committed to attracting and retaining the best talent regardless of race, sex, age, national origin, religion, sexual orientation, gender identity, disability or criminal history. As part of our compliance requirements, we do undertake background checks which, dependant on levels of security required for the role or client assignment, may include a criminal record check. Please do let us know if you would like more details on the level of checks for the specific role you are applying to.

We are happy to provide any reasonable adjustments you may need to ensure you feel you have the best experience across our selection process and future employment, for any support on this please email us at [email protected]