One of our Enterprise clients is looking to scale up their internal SOC team by adding 2 x SOC Analysts on a contract basis. These roles will be initial 6-month contracts with a high chance of extension.
With a large amount of funding going into Cyber Security throughout the business, this is a great time to be part of a major period of growth.
You’ll have the opportunity to:
- Lead the cyber detection engineering activities to develop and implement threat identification processes and innovate on their current state.
- Enhance the business's defences: identify log sources, assess gaps, and develop use cases from vulnerability reports and emerging threats using the MITRE ATT&CK framework.
- Hypothesise threats and establish a detection life cycle to manage their threat detection capabilities, including conducting purple teaming exercises.
- Continuously refine detections to reduce false positives, automate where possible, and modernise threat detection with Detection-as-Code (DaC) and its pipeline.
- Work closely with the cyber incident response team to enhance detection and monitoring, and collaborate to build response playbooks for each detection.
- Report metrics: provide engineering metrics, including 'mean-time-to-detect' and 'mean-time-to-respond', to stakeholders across the business.
We are looking for people with proven SOC experience.
Technical Expertise:
- MITRE ATT&CK framework.
- Sigma or YARA rules.
- Knowledge of attacker TTPs that can be translated into detection logic.
Hands-on Experience:
- SIEM technologies (Splunk Enterprise Security)
- SPL (Splunk Search Processing Language)
- Log aggregation and normalization
- Experience with CI/CD pipelines, Docker, Git, and Python is highly regarded.