MUST HAVE CURRENT DV CLEARANCE.
- When required, perform initial triage/identification of ‘Events of Interest’ using the SOC toolset
- Complete analysis/correlation of ‘Events of Interest’ to identify incidents
- Ensure that all events, events of interest, exceptions & incidents are responded to in accordance with established SOC work instructions, including remedial action/recommendations.
- Create and follow Playbooks
- Complete post incident reporting.
- Provide log analysis to support SOC services (including threat hunting)
- Responsible for SOC work instructions, ensuring they are reviewed & amended.
- Maintain currency in security concepts, tools and best practices
- Produce reports (as per templates) & vulnerability/trending analysis as requested by the UK SOC Manager or key stakeholders.
- Present & review reports to internal & external key stakeholders
- Complete tooling configuration changes including but not limited to filters/tuning/dashboards as authorised.
- Carry out minor tool maintenance as directed by SOC lead engineer.