Senior Security Operations Centre Specialist - Insurance client
A critical first-shift individual role (6 am - 2 pm), dedicated to proactively identifying adversary activities within the business globally to disrupt threats before attackers achieve their objectives.
The ideal candidate must possess demonstrated expertise in log analysis, network traffic investigation, and in-depth knowledge of the MITRE ATT&CK framework and the Incident Response framework.

Key responsibilities:
- Part of the global IT security team, working closely with the US SOC teams.
- Performs a combination of duties in accordance with departmental guidelines.
- Acts as technical expert to local stakeholders in London.
- Conduct real-time and historical analysis using the full security suite owned by the business including Endpoint Protection, SIEM, Firewall, Endpoint Detection & Response, Intrusion Detection Systems, Email Gateway, Web Content Filtering & Identity Management technology.
- Conduct incident response triage analysis on suspected hosts to determine whether an attack is ongoing and its scope.
Requirements:
- Expert familiarity with SOC operations, scheduling, and tools including SIEM, SOAR, and DFIR products.
- Knowledge of the incident response lifecycle and cyber security leading practices.
- Solid understanding of security policy construction and publication.
- In-depth knowledge of regulations (e.g., SOX, privacy) and internal controls as they apply to IT.
- Industry certifications preferred (CISSP, GCFA, GCIH, GCFE, or equivalent), or equivalent experience in Computer Science or a related discipline.