Subscribe to Job Alert
Join our happy subscribers
Never pay for any CBT, test or assessment as part of any recruitment process. When in doubt, contact us
Content+Cloud is one of the UK’s leading technology services, solutions and support providers, with a passion for helping ambitious organisations and their people to succeed. We believe in helping to create a world in which organisations grasp all that technology can offer, improving results and the experiences of their people. We work with a wide r...
Description
The CSOC Specialist role is part of the Cyber Security Operations Centre (CSOC) and sits within the Cyber Services Department of Content + Cloud
The candidate will be an active player within the Cyber Security Operations Centre (CSOC) using a variety of SIEM and security toolsets to meet the requirements of the business and its customers.
This is a hands-on role and requires a broad technical knowledge, skills and abilities. Although the focus is on Cyber Security, knowledge and/or experience of modern IT systems and infrastructure is advantageous to assist with the development and continuous improvement of the security platforms within Content + Cloud and its customer’s environments.
Requirements
Work within a multi-disciplined CSOC team identifying, owning, progressing and resolving security incidents.
Perform the prompt and effective triage and investigation of security events and incidents applying sound problem solving methods to determine scope, urgency, and potential impact.
Provide technical support for the identification and response to events or incidents of a suspicious or malicious nature, and apparent security breaches.
Addresses technical problems; install, configure, troubleshoot, and provides maintenance to security platforms. Provides specialist technical support to Incident Response (IR)
Collaborate with stakeholders to identify access and data collection gaps providing specialist Cyber technical advice, guidance and support.
Drive customer satisfaction and continuously seek to improve operational performance.
Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs and vulnerabilities
Actively support the Cyber Security Operations and Cyber Security Engineering functions in the planning, development and execution of initiatives designed to improve services and performance.
Essential
Excellent soft skills in the form of team working, problem solving and communication.
A keen self-starter who can evidence excellent customer service and can collaborate effectively.
Demonstrable experience working with SIEM technology, preferably within a CSOC / SOC environment
Demonstrable technical knowledge, skills and/or experience in intrusion analysis, and network and security investigation using a variety of security tools (EDR, DLP, AV, Snort, Wireshark, TCPdump etc.).
Working knowledge and experience of core security and infrastructure technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS)
Desired
Having achieved at least a BSc or MSc in Cyber Security incorporating Ethical Hacking, Digital Forensics or Information Security; or
One or more of the following industry certifications: CEH, GCIA, GCIH, GSEC, Security+, GCTI
Experience in secured cloud architectures (Azure, AWS) and engineering solutions
Formal experience in Digital Forensics or experience using EnCase, FTK Imager or similar
An understanding of multiple operating systems and their programming interfaces such as UNIX Shell and PowerShell.
An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS
All recruitment and selection for Content+Cloud is guided by the principles of our Employment Equity Plan
Build your CV for free. Download in different templates.
Join our happy subscribers