IT SOC Analyst

2 weeks ago

Umhlanga, South Africa | Careerbox | Full time

**Purpose**

Responsible for monitoring, detecting and tracking security events in the technology estate within their scope of view; for proactive vulnerability scanning of all key information and technology assets and all public-facing services; for tracking and managing the remediation efforts for all identified IT security related issues; and for maintaining reporting on all security operations to ensure and continually improve information security and regulatory compliance.

**Position Description**

**KRA / Main Outputs and Responsibilities**

**Detailed Description**

**Monitor, Detect and Defend organisation assets**
- Monitor organisation information, technology and assets through the use of security monitoring tools and platforms including AD Audit, SIEMonster, Graylog, FortiAnalyzer (IPS/IDS), Mimecast Reporting, Office 365 Security Centre (DLP) etc.
- Raise and help manage security incidents in order to ensure sensitive data isolation, system sandboxing and security event containment
- Assess security incidents and measure organisational impact

**Proactively seek out security vulnerabilities / incidents**
- Proactive vulnerability scanning of all public-facing services, corporate networks and attached devices through the use of approved tools including Nessus, Qualys etc.
- Perform regular “Rogue Wireless Detection” scans across all PCI CDEs (cardholder data environments) and relevant corporate networks
- Perform unstructured data discovery scans across all attached corporate networks in search of card data and other sensitive data stored insecurely
- Work with IT Ops teams and perform tests to uncover network/software vulnerabilities
- Track and manage remediation efforts to fix detected vulnerabilities
- Research security enhancements and make recommendations to management

**Manage and track security findings remediation efforts**
- Manage key stakeholders and technology owners throughout remediation processes and provide corrective recommendations as needed
- Maintain a full tracker and log throughout the security incident lifecycle, including incident/event details, stakeholders, severity level, timing, remediation, related evidence and improvement plans where applicable
- Maintain task trackers and provide reporting as needed

**Document relevant security tasks, activities and outputs**
- Maintain owned, version-controlled documents and data sets for use in organisational security posture and management reporting
- Document security breaches and provide remediation recommendations

**Research and evaluate trusted third-party security notifications**
- Make use of notifications from various trusted third-party security organisations (e.g. Microsoft, Kaspersky KSN, Qualys, ISF, NIST) and evaluate the industry-known vulnerabilities and exploits they report for comparison against company information and technology assets

**Financial Management**

Identify, promote and gain support for improvement opportunities that will increase revenue and/or reduce operating costs

**Level of Authority**

Subject matter expert on IT Security and breaches

Monitor networks and connected devices

Investigate all cyber security incidents

To report threat posture to the IT Security Manager

**Size**

The SOC Analyst is part of a medium-sized team, has no direct reports, and reports to the SOC Lead.

**Skills and Competencies**
- Planning and organizing competencies
- Excellent interpersonal and managerial skills
- Exceptional attention to detail
- Strong document writing and evidence management abilities
- Conceptual, analytical and problem-solving skills
- Strong communication skills both verbal and written
- Able to work independently or as part of a team
- Ability to function in a fast-paced and high-pressure environment

**Experience, Knowledge and Qualifications**

**Minimum**
- IT Security Essentials certification or equivalent
- Experience in IT security or related field
- Experience with computer network vulnerability testing tools and techniques
- Understanding of firewalls, proxies, SIEM, antivirus, and IDS/IPS concepts
- Ability to identify, mitigate and remediate network vulnerabilities
- Understanding of patch management
- Understanding of Wireless network security and protection mechanisms
- Experience with industry-standard InfoSec tools and techniques, e.g. O365 Security Centre, Mimecast, Qualys, AV, SIEMs, unstructured data scanning, rogue detection etc.

**Package & Remuneration**

Market Related