The CSOC Specialist role is part of the Cyber Security Operations Centre (CSOC) and sits within the Cyber Services Department of Content + Cloud
The candidate will be an active player within the Cyber Security Operations Centre (CSOC) using a variety of SIEM and security toolsets to meet the requirements of the business and its customers.
This is a hands-on role and requires a broad technical knowledge, skills and abilities. Although the focus is on Cyber Security, knowledge and / or experience of modern IT systems and infrastructure is advantageous to assist with the development and continuous improvement of the security platforms within Content + Cloud and its customer’s environments.
Work within a multi-disciplined CSOC team identifying, owning, progressing and resolving security incidents.
Perform the prompt and effective triage and investigation of security events and incidents applying sound problem solving methods to determine scope, urgency, and potential impact.
Provide technical support for the identification and response to events or incidents of a suspicious or malicious nature, and apparent security breaches.
Addresses technical problems; install, configure, troubleshoot, and provides maintenance to security platforms. Provides specialist technical support to Incident Response (IR)
Collaborate with stakeholders to identify access and data collection gaps providing specialist Cyber technical advice, guidance and support.
Drive customer satisfaction and continuously seek to improve operational performance.
Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs and vulnerabilities
Actively support the Cyber Security Operations and Cyber Security Engineering functions in the planning, development and execution of initiatives designed to improve services and performance.
Excellent soft skills in the form of team working, problem solving and communication.
A keen self-starter who can evidence excellent customer service and can collaborate effectively.
Demonstrable experience working with SIEM technology, preferably within a CSOC / SOC environment
Demonstrable technical knowledge, skills and / or experience in intrusion analysis, and network and security investigation using a variety of security tools (EDR, DLP, AV, Snort, Wireshark, TCPdump etc.).
Working knowledge and experience of core security and infrastructure technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS / IDS)
Having achieved at least a BSc or MSc in Cyber Security incorporating Ethical Hacking, Digital Forensics or Information Security; or
One or more of the following industry certifications : CEH, GCIA, GCIH, GSEC, Security+, GCTI
Experience in secured cloud architectures (Azure, AWS) and engineering solutions
Formal experience in Digital Forensics or experience using EnCase, FTK Imager or similar
An understanding of multiple operating systems and their programming interfaces such as UNIX Shell and PowerShell.
An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS
Salary dependent on experience
Role based out of our Century City offices (currently working remotely)
40 - 45 hours per week (This will be a mixed early and late shift rotation, over a 4 days on, 4 days off pattern - The shift times will be discussed at interview stage)
20 days’ annual leave
Multiple HIIT, general fitness, yoga and meditation classes run virtually each week! (In addition to other wellness events and other social activities...)
Continual professional development plans