SOC Analyst

The Opportunity 

Rimes Technologies is looking for a SOC Analyst to join our technology team. This role will be to enhance our SOC capabilities with the overall objective of preventing cyber attacks and enhancing our cyber incident response capabilities. The candidate will join a small but established Information Security team reporting to the Head of Information Security.

What you will do: 

·         Monitor, analyse and respond to security issues

·         Conduct host forensics, network forensics, and log analysis in support of incident response investigations.

·         Effectively investigate to identify root cause, including attack vector, exploitation, and other techniques utilized to bypass security controls

·         Develop and enhance response playbooks

·         Perform training and knowledge transfers to other technical teams

·         Continuous optimisation of tooling coverage and effectiveness

·         Continuous optimisation of internal processes

·         Vulnerability management/ reporting and processing findings for the technical teams to action

·         Interface with security suppliers to drive initiatives and monitor services provided

Who you are:

·        2-3+ years’ experience in IT Infrastructure, Networking or Cybersecurity

·         Strong understanding of network principles, such as TCP/IP, DNS, routing and switching

·         Understanding and working knowledge of the following security technologies:

·         Firewalls (Palo Alto, Meraki, Azure)

·         IDS/IPS (Palo Alto, Meraki, Darktrace)

·         MS 365 Security Suite (Defender for endpoint, Defender for identity, CAS)

·         EDR/XDR (SentinelOne, Defender for endpoint, Darktrace)

·         SIEM (Alienvault)

·         Vulnerability scanners (Qualys, Spycloud)

·         Load Balancers (desirable)

·         MS Azure cloud security suite

·         Experience in writing playbooks and processes

·         Experience in incident management development/ enhancement

·         Professional SOC (or related) Security certification (CEH, CSA etc) will be considered a plus

·         IT infrastructure accreditation (CCNA, MS Infrastructure/Sysadmin, MS Azure etc) will be considered a plus

·         GRC experience (Risk management, Policy creation, Supply chain risk management, Audits etc) will be considered a plus

·         Knowledge of kill-chain model, ATT&CK framework, and modern penetration testing techniques will be considered a plus