Tier II SOC Analyst

• Responsible for providing Tier 2 case resolution, resolving complex security cases including generating initial reporting, providing follow-ups and requesting information and resolution activity. 
• Day to day incident triage and escalation using contextual and threat intelligence 

• Responsible for providing security expertise to escalated incidents 

• Act as the incident handler for P1/P2 incidents 

• Provide and support In-depth SIEM and Incident notification toolset administration and configuration 

• Fully utilise threat intelligence capabilities for proactive threat hunting 

• Responsible for providing communication directly with CyberClans’ customers regarding security incidents and other related topics. 

• Aid in the development of incident response procedures and playbooks 

• Technical liaison between other service lines including threat hunting, incident response and incident investigation. 
• Contribute to the design and development of defense and response strategies, knowledgebase and playbooks. 

• Conducting cyber threat research and analysis for purposes of improving the strength of network security. 
• Assist with defining, testing and operating new ways of working with new technology solutions or processes supplied to the SOC team.   
• Follow agreed security best practices and SOC processes 

• Interact with strategic incident response and threat intelligence vendors. 

• To undertake other responsibilities, training and tasks as reasonably requested by line management. 

• Undertake periodic assurance reviews and produce associated reporting as required. 

• Participate in CyberClan internal security awareness initiatives and other training requests  

• Responsible and accountable for ensuring all employment legislative requirements are adhered including equality, diversity and health and safety issues. 

• The job description may be altered at any time in line with the level of the post to meet changing requirements, but only in full consultation with the post holder. 

Required Skills and Experience 

• Educated to GCSE level or equivalent 

• Cyber Security Qualification (COMPTIA or equivalent experience) 

• ITIL Foundation 

Preferred Skills, Experience, Degrees or Certifications  

• Previous experience in a similar position 
• Knowledge and experience of SOC tooling to identify threats. 

• Knowledge and experience of IT systems, networking and security threat landscape including: 

• Network fundamentals for example OSI stack, TCP/IP, DNS. HTTPS, firewall logs, packet capture and analysis. 

• Cloud technologies (AWS, Google Cloud, Azure) 

• Active Directory, Group Policies, PowerShell 

• Endpoint protection applications (Antivirus, Web Filtering, ATP, Encryption) 

• IDP/IPS Systems 

• SIEM tools (such as Splunk) 
• SOAR is an added advantage