SOC Technical Lead

e2e-assure are recruiting a SOC Technical Lead to work in our lively Oxfordshire SOC. You will manage major cyber incidents and ensure the SOC team delivers high-quality analysis and investigations for customers. You will play a crucial role in enhancing the team’s skills, challenging individuals to improve their day job through automation and tuning.

Key Responsibilities:

  • Improving the quality of detections and response/analysis routines and playbooks
  • Improving the quality of our threat intelligence platform and threat indicators, and assisting in the optimisation of threat data
  • Supporting the SOC with wider cyber security expertise – advising, mentoring and coaching; focusing on improving SOC efficiency by working across the business to bring down alert volume, collaborating on improvements, and training SOC staff on investigations and rule tuning
  • Supporting the SOC team to achieve agreed SLAs and deliver high quality alerts, tickets, and incidents
  • Lead and train the SOC on threat hunting, using this to drive improvements to detection capability
  • Lead the SOC to produce threat briefs for significant cyber events that customers need to take action on
  • Proactively share knowledge within the team and the wider company, through training and mentoring sessions
  • Escalation point for the SOC for technical analysis
  • Incident Management Lead for the SOC
  • Lead incident exercises
  • Supporting forensic investigations and IR companies

Candidate Attributes

Essential:

  • Prior experience working in a cyber security-focused role, ideally SOC or Incident Response experience.
  • Significant experience with log monitoring tools and SIEM platforms such as Splunk or Microsoft Sentinel
  • Experience with leading major incident investigations
  • Ability to train, coach, and mentor technical teams to help them achieve their potential
  • Advanced knowledge of cybersecurity and insight into recent trends
  • Familiar with host and network based forensics and concepts
  • Experience of the vulnerability management process
  • Experience with Log analysis / Log forensics (including PCAP analysis)
  • Endpoint artifact analysis (investigation packages etc)
  • Relevant computing or cyber university degree or Security certifications such as CompTIA Advanced Security Practitioner (CASP+), GIAC Certified Forensic Analyst, GIAC Cyber Threat Intelligence (GCTI), GIAC Open Source Intelligence (GOSI), GIAC Defending Advanced Threats (GDAT), GIAC Security Expert (GSE)

Desirable:

  • Experience with investigating closely targeted, significant data breach cyber incident investigations
  • Considerable experience with tuning complex alerting rules (e.g. use of regex or sub searches)
  • Experience with APT Incident Investigations
  • Experience of Malware analysis (static or dynamic)
  • Experience of operating system or network administration, including system hardening and Windows domain setup and maintenance (e.g. WSUS, SCCM, Group Policy, DCE), or previous experience working in an enterprise administration role
  • Experience with Cloud Hosting Platforms such as Microsoft Azure, AWS or Google Cloud Workspace.

Additional Information

Location: From home, but some travel will be required

Benefits: Contributory pension scheme, 25 days annual leave + Bank holidays (with additional days for continued service), enhanced maternity/paternity/sick pay, Cycle to Work scheme, Home and Tech purchase scheme, Employee assistance programme for mental health and wellbeing, neurodiverse support, inclusive and friendly working environment

Clearance: Individuals in this role must be eligible for SC and NPPV3 clearance. This requires residency in the UK for the last 5 years. Failure to pass these checks may result in your employment being discontinued.

e2e-assure is an equal opportunities employer. We understand the importance of diversity and inclusion to the success of e2e-assure as a business and are committed to providing a diverse working environment.

We expect e2e-assure employees to have a high standard of personal integrity, both during and outside work time, including how they present themselves online. We may conduct background and open-source checks to verify this.

To apply for this role please send your CV to Careers@e2e-assure.com

To view our full candidate and careers data policy please visit https://e2e-assure.com/candidate-privacy-notice/