
Job title OpNET SOC Security Engineer/Analyst

Ref no. BHN533068
Location Corsham, England
Start date ASAP
Job type Contract
Job status Closed

Job summary

The DPS SOC Security Engineer (Incident & Vulnerability) - L3 is responsible for delivering DCO outcomes across the OpNET platform. The SOC Security Engineer (Incident & Vulnerability).

Job description

Job Specification: The DPS SOC Security Analyst (Incident) is responsible for delivering DCO outcomes across the OpNET platform. The SOC Security Analyst (Incident) is critical for the deployed environment, ensuring that operational security processes are enacted at every level. The Security Analyst (Incident) reports to the Security Manager (Incident) and is responsible for:
* Detecting and responding to malicious behaviour across all platform components including workstations, servers, and network devices.
* Optimising threat detection products for data loss prevention (DLP), security information and event management (SIEM), advanced email protection, endpoint detection and response (EDR), antivirus and intrusion prevention/detection systems.
* Reviewing and responding to escalated security events.
* Proactively hunting threats within the OpNET environment.
* Writing detection signatures, tuning systems and tools, and developing automation scripts and correlation rules.
* Maintaining knowledge of adversary tactics, techniques, and procedures (TTPs).
* Conducting forensic analysis on systems and engaging third-party resources as required.
* Ensuring incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.
* Ensuring compliance with SLAs and KPIs, process adherence and process improvement to achieve operational objectives.
* Ensuring compliance with policy, process and procedure, and driving process improvement to achieve operational objectives.
* Revising and developing processes to strengthen the DETECT and RESPOND delivery.
* Initiating corrective action where required.
* Ensuring daily management, administration and maintenance of security devices to achieve operational effectiveness.
* Creating reports, dashboards and metrics for SOC operations and presenting them to the OpNET CISO and Security Working Group (SWG).
* Coordinating with stakeholders (both internally within DPS and externally with the CyISOCs), building and maintaining positive working relationships with them, and ensuring outputs are aligned.
* Conducting routine governance and compliance audits, and accreditation activities.
Required (minimum):
* Hold current DV clearance.
* Strong hands-on experience of a variety of SIEM and SOAR platforms (including Splunk, ELK, Elastic and Security Onion v2).
* Hands-on experience with a variety of scanning and discovery tools when an investigation requires it (including Nessus, Greenbone, Nipper, BMC Discovery, McAfee ePO, Tanium, Tripwire and WhatsUp Gold).
* Experience in forensics, malware analysis and threat intelligence.
* Ability to understand, modify and create threat detection rules within a SIEM.
* Ability to correlate data from multiple sources to build a more accurate picture of cyber threats and vulnerabilities.
Desirable qualifications:
* CompTIA A+.
* CompTIA Security+.
* CompTIA CySA+.
* CompTIA PenTest+.
* MCSE.
* SANS 504 - Incident Handling.
* SANS 503 - Intrusion Analyst.
* SANS 511 - Continuous Monitoring.

Matchtech is a STEM Recruitment Specialist, with over 35 years’ experience