N.B. This role can be based in London or Peterborough
We are seeking an L2 SOC Analyst to support the management and ownership of security services and operations within Thomas Cook.
Key accountabilities and decision ownership:
- Analyse information and threat intelligence relevant to the systems, infrastructure and critical resources in our environment
- Review alerts escalated by Tier 1 analysts and deliver 2nd/3rd-level investigation and remediation activities.
- Conduct research and assessments of security events; analyse events produced by firewalls, IDS, anti-virus, proxies and other network sensors; present findings as input to the CSIRT
- Assist in cyber security incident response activities and investigations; work with 1st, 2nd and 3rd line security analysts (internal and external) to identify and resolve incidents.
- Use SIEM and security tools to monitor the security posture of the IT estate and identify anomalous activity and behaviours.
Skills and experience:
- Proven experience of working in cyber security environments, with a strong technical background in a relevant security domain and the ability to analyse complex technical information to identify patterns, trends and linkages.
- Proven experience of SIEM tools such as QRadar (or similar) for analysing logs, network traffic and security incidents
- Understanding of incident handling/response, IDS/IPS monitoring, forensics/malware analysis, malware/anti-malware techniques, threat hunting, exploits, attack vectors and defensive/preventative measures
- Understanding of vulnerability assessment, including zero-day vulnerabilities, and of reporting on vulnerability advisories
- Some travel may be required.
- Out of hours working to cover incidents and on-call duty may be required.
- Full UK/EU driving licence preferred
- Car Preferred
- Must be eligible to work in the EU
- Cover Letter Required