Job Vacancies | Information Security Engineer Wanted to Work at a Company - Information Security Engineer
We specialise in the provision of advanced threat detection and response systems combined with a unique outsourced management service that monitors your security on a 24/7 basis. Our customers trust us to provide practical, flexible and affordable solutions to protect and mitigate against the risks of cybercrime.
We are a Microsoft Gold Partner and specialise in cyber security solutions utilising the Microsoft Security stack, which includes Defender & Sentinel.
Key Skills:
- Ability to think analytically and solve complex problems as part of everyday security operations work
- Ability to work under pressure and focus on the detail
- Ability to deliver and document security processes and procedures
- Ability to work with multiple other teams across the business, including IT teams, operations, projects, service desk etc.
- Curious, innovative and a great team player
Tasks and Accountabilities:
- Perform initial triage/identification of ‘Events of Interest’ using the SOC toolset
- Ensure that all events, events of interest, exceptions and incidents are responded to in accordance with established SOC work instructions, including remedial action/recommendations.
- Work within the defined SLAs and SLOs
- Research emerging threats and vulnerabilities
- Ensure all Work Instructions and Processes are reviewed and remain current.
- Collaborate on product and process improvements, including: Creating and improving analytics, workbooks, playbooks, threat hunts, etc.
- Maintaining and contributing to our knowledge base
- Provide feedback and collaborate with Engineering and Development teams to improve our products, services, technologies, integrations, etc.
- Customer enquiries and one-off requests and projects will be required to be logged and completed.
- Phishing Email Investigation to be conducted, appropriate action taken and documented within our proprietary ticket management system.
Desired Experience (not required but beneficial):
- Experience with developing and using a SIEM platform, preferably Microsoft Sentinel
- Experience with managing and operating EDR platforms, preferably Microsoft Defender for Endpoint
- Experience with vulnerability management processes and tooling
- Experience with public cloud solutions, preferably Microsoft Azure
- Experience with the full O365 stack, including management of the security and compliance features
Desired Certifications (not required but nice to have):
- Blue Team Level 1 / Blue Team Level 2
- Security+
- CCNA/CCNP Security (or other tracks)
- eJPT/eCPPT/OSCP
- CISSP
- Microsoft security certifications such as AZ-500, MS-500, SC-200 etc.
Reporting and Department:
The role will report directly to the Head of Security Operations & the Technical Director