Salary: £45K to £66K plus flexible benefits, based on level of individual’s competency
Our client is a global leader in consulting, technology and outsourcing services. Together with its clients, the company creates and delivers business, technology and digital solutions that fit their needs, enabling them to achieve innovation and competitiveness.
As a Threat Protection Lead, you will be working at a major customer site within the Security Operations Centre (SOC) with a team who deliver IT Security Services to a wide variety of clients across the globe. You will be responsible for ensuring the integrity of client IT infrastructures, and protecting the information systems residing upon them from external and internal attack / compromise.
- Delivering Intrusion Detection / Prevention services
- Assisting with Investigations as a result of escalated problems and security alerts from client tooling and security information & event management systems (SIEM).
- Security policy enforcement is a key part of operations, and is achieved through various assurance activities such as auditing Firewalls and conducting privilege account reviews.
- Sound understanding of cyber security threats and compromise methods from a Security Operations Centre perspective
- Understanding of server, client and network technologies from an IT Support perspective
Any specific understanding of the following would be beneficial; otherwise full training will be given:
- Experience in conducting application vulnerability assessments
- Experience in the use of Intrusion Detection systems, management and responding to and the tuning of alerts
- Experience in conducting host vulnerability assessment
- Experience in the use of SIEM platforms, preferably, ArcSight.
- Vulnerability Awareness / Understanding
- HMG Security Standards and Processes
- Experience using tools such as Nessus, NMAP, Retina
- Coaching and mentoring of junior SOC Analysts
Note: UK Government Security Clearance is mandatory, if not already held it will need to be in place before the candidate can start. All applications for this role are subject to applicants meeting all relevant security, regulatory and compliance requirements.