SOC Shift Lead - Leeds, United Kingdom - Claranet

Claranet

Verified Company

Leeds, United Kingdom

2 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

About The Role:

Essential duties & responsibilities

SOC Shift Lead Definition:

Managing a small team of analysts on rotation covering the 24x7 operations of the SOC, the shift lead will manage the running of the shift, ensuring that work is prioritised and completed in line with the goals and objectives of the SOC.

The shift lead will act as a mentor to the Junior and Tier 1 analysts encouraging training and development activities while maintaining service SLA's and triage of the security incidents, the shift lead will also be responsible for appropriate escalations in and out of hours to the Tier 2 analysts for additional support when analysing security incidents.

Essential duties & responsibilities

Responsible for working in a 24x7 Security Operation Center (SOC) environment
Provide analysis and trending of security log data from a large number of heterogeneous security devices.
Provide Incident Response (IR) support when analysis confirms actionable incident.
Provide threat and vulnerability analysis as well as security advisory services
Analyze and respond to previously undisclosed software and hardware vulnerabilities
Investigate, document, and report on information security issues and emerging trends.
Coordinate with Intel analysts on open source activities impacting SLTT governments.
Integrate and share information with other analysts and other teams
Other duties as assigned
Recommend changes to enhance systems security and prevent unauthorized access client systems.
Conduct research and assessments of security events, providing analysis of firewall, IDS, antivirus and other network sensor produced events, to feed in to SOC reporting activities and improvements.
Monitor threat & vulnerability news services for any relevant information that may impact installed infrastructure. Analyse reports to understand threat campaign techniques, lateral movements and extract indicators of compromise.
Participate in compliance/vulnerability assessment scanning, and develop mitigation and remediation plans from the assessment findings
Document information security operations policies, processes and procedures. Create and update security event investigation notes on open incidents and maintain case data in the incident response management platform.
Provide input, as requested, for Security, Risk, Compliance and Service reporting.

In addition to the above, the SOC shift leader will be responsible for:

To ensure that handovers are carried out between shifts
To act as the point of escalation for the level 1 analysts and Juniors
To delegate tasks wherever necessary
To create and conduct service review presentations/reports and provide them to customers
To assist with reporting
To act as a mentor to level 1 analysts and Junior analysts
To report any team issues to the Team Lead so that resolutions can be quickly reached
To oversee any support tickets and to ensure that they are correctly handled and escalated/handed over as necessary

About You:

Position specifications

Essential:

Bachelor's degree in a related field or equivalent demonstrated experience and knowledge
13 years' experience as a Security/Network Administrator or equivalent knowledge
Knowledge of various security methodologies and processes, and technical security solutions (firewall, SIEM and intrusion detection/prevention systems, vulnerability scanners, etc.)
Excellent understanding of commonly used Internet protocols such as SMTP, HTTP, and DNS
Ability to multitask, prioritize, and manage time effectively
Strong attention to detail
Excellent interpersonal skills and professional demeanour
Excellent verbal and written communication skills
Excellent customer service skills
Proficient in Microsoft Office Applications

In addition, the following are highly desirable:

SANS Certification
CREST Certification
Cyber Security Training Certifications
Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of falsepositives.
Knowledge of multiple operating systems and applicable system administration skills
An understanding of threat analysis, threat hunting and intelligence feeds

About Us:

Claranet combine pioneering technologies, practices, and expertise to propel our customers ambitions.

Through a vibrant customer centric culture of collaboration, learning, and opportunity, we nurture a dynamic community of the best technology and service expertise spanning cloud, cybersecurity, networks, and unified communications.

Founded in 1996, Claranet has evolved into a multi-disciplinary technology services provider with global reach.

The company has annualised revenues of circa £520 million, over 10,000 customers, and more than 3,000 employees in nine countries.

In the UK we have over 500 staff working in London, Gloucester, Wa