SOC Analyst

SOC Analyst (L2) Description SOC Analyst (L2) Hemel Hempstead Up to £58,000 per annum Candidates wishing to apply bust be UK based and able to successfully satisfy UK SC clearance Additional: Shift Pattern – 4 on/4 off Our client, an industry lead in the Cyber arena, is looking for an experienced SOC Analyst to join their busy Security Operations Centre (SOC) helping to support the next phase of growth for the company. As the SOC Analyst you will be responsible for detecting, responding and mitigating cyber-attacks on our clients customers networks within their Security Operations Centres using a combination of our SOAR, Elastic and the Microsoft XDR ecosystem to deliver effective and appropriate defences for our client. This position is ideal for a seasoned SOC Analyst with experience in cyber security, looking to broaden their scope of cyber skills with a strong focus on detection and response to cyber incidents. Responsibilities * Defend customers monitoring systems, people and data looking for potential threats, vulnerabilities and indicators of compromise * Perform in-depth analysis of security alerts utilizing the advanced tooling and systems available to you (including Elastic, Microsoft XDR and other technologies) * Identify incidents and breaches, utilising tooling and provide appropriate incident remediation * Provide recommendations and support to customers based on defined procedures and analyst experience. * Work with threat intelligence and threat hunting to drive the detection and enrichment Qualifications * Strong practical knowledge of security and networking toolsets including SIEM, EDR and other security tooling * Microsoft/Defender SIEM * Elastic advantageous * Proven commercial experience working as a SOC Analyst * An understanding of common operating systems, network protocols and attacker behaviours * Extensive experience in analysing security events * other data points, and communicating and iterating conclusions, mitigations and recommendations for improvements in a clear, actionable manner. Certifications: Desirable, NOT essential * General security (CREST CPSA / CPIA / CRIA / CMRE / CNIA / CHIA * CompTIA Security+, CompTIA Network+ * Vendor specific Elastic Certified Analyst, Azure based certifications (SC-200, AZ-500, MS-500)