CYSIAM

Security Operations Centre Analyst (L2)

Posted: 2 hours ago

Job Description

Role Title: SOC Analyst (L2)
Reports To: SOC Lead
Location: Remote – UK Based
Salary Range: £35-40k depending on experience + 15% Shift Uplift
Hours: Full time
Shift Pattern: The team operates a rotating 4 on / 4 off shift pattern (Day shifts: 06:00–18:00 | Night shifts: 18:00–06:00) comprising two day shifts followed by one night shift.

The Company

Founded in 2018, CYSIAM works in strategic partnership with public and private sector clients who understand, and are serious about mitigating, the risks that cyber incidents pose to their critical systems and data. Our team are at the cutting edge of technical cyber expertise, enhanced by decades of experience in central government, military intelligence, and law enforcement. We are driven by our values, and our culture lives and breathes integrity, passion, and tenacity.

We provide security and confidence through world-class cyber security services tailored to our clients' individual requirements. This includes UK-based 24/7/365 detection and response through persistent overwatch of networks and data, giving our clients the best chance of protection from cyber-attack.

Our UK-based monitoring, hunting and response teams are powered by technology, intelligence and experience. We detect anomalous behaviour and work with our clients to prioritise and implement responses in order to restore business-as-usual as quickly as possible. For attacks that are more sophisticated and sustained, our threat hunting team track and immobilise the threat, minimising harm.

CYSIAM is a fast-growing force in the cyber security industry and has a unique DNA which makes it an exciting and interesting place to work. Our Cyber Defence Operations (CDO) team already works for highly prestigious clients and is looking to build scale from a strong base.

Applicants must be physically located in, and have the right to work in, the United Kingdom. We are unable to offer visa sponsorship. This role requires successful candidates to obtain and maintain UK Government Security Clearance to SC or above.

The Right Applicant

We are looking for a team player to join as a security analyst in our emerging MDR service. Due to the dynamic nature of our business, we require an individual who is flexible, deployable on a broad scope of tasks, can communicate effectively with others and can learn at pace. We need someone who is confident in their own skills and will work autonomously on tasks and personal development. Self-awareness and the ability to ask for help when appropriate are among the key attributes we are looking for.

We are a values-based organisation, and we leave our egos at the front door. We need people who are tenacious, passionate, have the highest integrity, and want to be part of building a world-class security team.

Role Overview

As an analyst, your primary role within the CYSIAM team will be to investigate host and network security events on our clients' critical infrastructure. Role duties will include:

  • Monitor, triage, escalate and investigate security incidents on critical client infrastructure.
  • Be the technical escalation point for Associate (L1) analysts.
  • Train Associate analysts.
  • Deliver client reports based on incident findings to both technical and non-technical audiences.
  • Maintain and, where appropriate, improve CYSIAM's knowledge of SOC tools.
  • Contribute to internal R&D projects.
  • Prepare monthly SOC reports for managed clients and continuously improve their content and presentation.
  • Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats.
  • Tune detection queries to the client environment to reduce noise.
  • Create runbooks and Knowledge Base documentation.

Must-Have Technical Expertise:

  • Minimum of 1.5 years' experience in a Security Operations Centre.
  • Understanding of the MITRE ATT&CK framework.
  • Working knowledge of the analysis of pcaps, log data and intrusion detection systems.
  • Experience of a wide range of SOC tooling.
  • Detail-oriented, with strong organisational and analytical skills.
  • Demonstrably strong written communication and interpersonal skills.
  • Dedication and desire towards continuous professional development.
  • Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise anti-virus products.
  • Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP.

Bonus Skills (Helpful but not Required):

  • Experience of CrowdStrike Falcon, Splunk, the Microsoft security suite, FortiGate firewalls.
  • Understanding of static malware analysis.
  • Understanding of programming and scripting languages such as Python, Perl, Bash, PowerShell, C++.
  • The following certifications are desirable: Sec+/Net+/CySA+, BTL1, Splunk Power User, CrowdStrike Responder, SC-200.

Culture & Benefits

The CYSIAM team is fiercely supportive of each other, both in our personal and professional lives. We are very flexible in our working arrangements and trust people by default to deliver their outputs without constant supervision. In return, we ask for loyalty, a strong work ethic, and your best self. We offer a competitive salary and incentives, 25 days of holiday (which builds up to 30 days over the first 5 years of employment), a pension, group life cover, and company away days. Employee benefits will increase as the company grows.
