Job Description

Work on-site in client premises SOC 24/7 operation which consists of 4 shift teams. . Provide security expertise to escalated Security incidents. . Act as the Incident Handler for security incidents. . Technical escalation point for the SOC. . In-depth SIEM administration and configuration. . Fully utilize threat intelligence capabilities for proactive threat hunting . Follow agreed security best practices and SOC Processes . Assisting in development of incident response procedures and playbooks . Keep up to date on security developments and news and develop team security . knowledge . Be responsible for updating our ISMS (policy, procedures, standards, guidance) . Manages critical business assets inventory and cyber security risk register . DocuSign Envelope ID: AB3985C4-6B6C-444D-99E5-4F1A91F82971 . Classification: Internal . Works with Security Engineer, Security Architect and SecOps team to support risk assessments for IT services. . Develops and implements security training & education for IT and wider business teams. . Manages 3rd party security relationships and conduct supplier risk assessments, flag concerns, log risks and remediations. . Conducts internal pen testing and manage external pen tests and vulnerability scanning. . Working with development teams for code analysis and pen testing . Creates phishing campaigns specific to the current climate and business. . Supports incident investigations. . Understanding of security threats, attack scenarios, intrusion detection and incident management. . Strong facilitation and negotiation skills. . Ability to deal with ambiguity and to keep a cool head when dealing with crisis or stressful situations and strong analytical skills. . Good understanding of ISO 27001, Cyber Essentials/Essentials Plus, GDPR and other information security-related regulatory and compliance standards . Hands on experience of pen testing and using various tools, Log carving and log investigation. . Experience with building threat-based Use Cases using frameworks such as MITRE ATT&CK . Cloud computing concepts and service models IasS/ PaaS/ SaaS . Authentication concepts (Windows, AAD, Managed Identity) . PowerShell, Kali Linux, Web Application Security (OWASP) . Vulnerability testing tools (Nessus)

Part time