e2e-assure are recruiting a SOC Technical Lead to work in our lively Oxfordshire SOC. You will manage major cyber incidents and ensure the SOC team delivers high-quality analysis and investigations for customers. You will play a crucial role in enhancing the team’s skills, challenging individuals to improve their day job through automation and tuning.
Key Responsibilities:
- Improving the quality of detections and response/analysis routines and playbooks
- Improving the quality of our threat intelligence platform, threat indicators and assist in optimisation of threat data
- Supporting the SOC with wider cyber security expertise: advising, mentoring and coaching. Improving SOC efficiency by working across the business to bring down alert volume, collaborating on improvements, and training SOC staff on investigations and rule tuning
- Supporting the SOC team to achieve agreed SLAs and deliver high quality alerts, tickets, and incidents
- Lead and train the SOC on threat hunting, using this to drive improvements to detection capability
- Lead the SOC to produce threat briefs for significant cyber events that customers need to take action on
- Proactively share knowledge within the team and the wider company, through training and mentoring sessions
- Escalation point for the SOC for technical analysis
- Incident Management Lead for the SOC
- Lead incident exercises
- Supporting forensic investigations and external incident response companies
Candidate Attributes
Essential:
- Prior experience in a cyber security-focused role, ideally in a SOC or in incident response.
- Significant experience with log monitoring tools and SIEM platforms such as Splunk or Microsoft Sentinel
- Experience with leading major incident investigations
- Ability to train, coach, and mentor technical teams to help them achieve their potential
- Advanced knowledge of cybersecurity and insight into recent trends
- Familiarity with host- and network-based forensics and the underlying concepts
- Experience of the vulnerability management process
- Experience with Log analysis / Log forensics (including PCAP analysis)
- Endpoint artifact analysis (e.g. investigation packages)
- A relevant computing or cyber security degree, or security certifications such as CompTIA Advanced Security Practitioner (CASP+), GIAC Certified Forensic Analyst (GCFA), GIAC Cyber Threat Intelligence (GCTI), GIAC Open Source Intelligence (GOSI), GIAC Defending Advanced Threats (GDAT) or GIAC Security Expert (GSE)
Desirable:
- Experience investigating closely targeted attacks and significant data breach incidents
- Considerable experience with tuning complex alerting rules (e.g. use of regex or sub searches)
- Experience with APT Incident Investigations
- Experience of Malware analysis (static or dynamic)
- Experience of operating system or network administration, including system hardening and Windows domain setup and maintenance (e.g. WSUS, SCCM, Group Policy, DCE), or previous experience in an enterprise administration role
- Experience with cloud hosting platforms such as Microsoft Azure, AWS or Google Cloud.
Additional Information
Location: From home, but some travel will be required
Benefits: Contributory pension scheme, 25 days annual leave + Bank holidays (with additional for continued service), enhanced maternity/ paternity/ sick pay, Cycle to Work scheme, Home and Tech purchase scheme, Employee assistance program for mental health and wellbeing, neurodiverse support, inclusive and friendly working environment
Clearance: Individuals in this role must be eligible for SC and NPPV3 clearance. This requires residency in UK for the last 5 years. Failure to pass these checks may result in your employment being discontinued.
e2e-assure is an equal opportunities employer. We understand the importance of diversity and inclusion to the success of e2e-assure as a business and are committed to providing a diverse working environment.
We expect e2e-assure employees to have a high standard of personal integrity, both during and outside work time, including how they present themselves online. We may conduct background and open-source checks to verify this.
To apply for this role please send your CV to Careers@e2e-assure.com
To view our full candidate and careers data policy please visit https://e2e-assure.com/candidate-privacy-notice/