24/7 SOC Engineer
PURPOSE OF ROLE:
You will be working in the SOC team, supervised by the SOC Team Lead, who reports into the Head of Managed Services.
The role will be focused on the day-to-day monitoring of our SIEM platform and security applications deployed at our customer base, as well as providing support functions for network and infrastructure. You will be the first line of support for clients who have existing support services and Managed Detection & Response services.
The role requires working in a 24x7x365 environment, on a 12-hour shift basis, 4 days on, 4 days off alternating between days and nights.
KEY RESPONSIBILITIES:
- First and second line support for client raised security events and incidents reported by phone and/or email
- Onboarding clients to tools such as SIEM, EDR, OT Monitoring
- Proactive monitoring of security tools such as SIEM, EDR, Firewalls
- Acknowledge, analyse and validate incidents triggered from correlated events through SIEM solution
- Perform false positive and false negative analysis
- Taking immediate action on incidents where capability allows
- Escalation of high severity threats to client and/or appropriate technical team
- Adhere to incident response processes
- Contributing details for documented incident reports
- Liaising with manufacturers regarding product-specific issues
- Supporting 24/7 SOC Team Lead on any requests in area of expertise
- Prepare, maintain, and adhere to procedures for logging, reporting, and statistically monitoring data as directed.
- Ensuring time is accurately logged against client work, for billing purposes
- Handling technical incident tickets within contractual SLA and KPIs
- Identify new technology opportunities to enhance the product and service portfolio
- Respond to emergency outages in accordance with business continuity and disaster recovery plans.
- Adopt a proactive approach towards all client activities.
- Collaborate with all the Technical Service departments when required to ensure business objectives are met.
- Support delivery of projects with chosen technologies
- Own personal training plan that is put in place with line manager
- Highlight areas for improvement to supervisor where applicable
- Ensuring adherence to Axians’ Management System Manual for Quality (ISO 9001), InfoSec (ISO 27001) and ESG (ISO 14001).
- Expectation to assist with other tasks requested by supervisor or line manager
Desired Skills/Qualifications/Experience:
- Degree in Cybersecurity or similar
- Experience with EDR solutions such as SentinelOne, Palo Alto Cortex, Carbon Black
- Experience working in an IT Support or Security/SOC team
- Experience with IAM platforms such as Azure AD or Okta
- Experience with Azure or AWS
- Experience/understanding of SIEM/SOAR solutions such as FortiSIEM / Splunk / LogRhythm / AlienVault
- Knowledge of network environments (routing/switching/VLANS/Security/Wireless/etc.)
- Knowledge of Firewalls (IDS/IPS/DPI/WAF/Web Filter/App Control)
- Knowledge of Windows Server infrastructure, Active Directory
- Knowledge of security concepts (CIA/MITRE ATT&CK Framework/Vulnerabilities)
- Knowledge of ITIL disciplines such as Incident, Problem and Change Management
- CompTIA Security+ / CySA+ or similar
- Fortinet Solutions – NSE Certifications
- Knowledge of scripting – Python, PowerShell, Perl desirable
- Drive to work off own initiative
- Ability to work in a fast-paced, changing environment
- Understanding of ticket management systems and SLAs
Personal attributes:
- Must be self-motivated with a positive can-do attitude
- Must be able to work unsupervised, on own initiative as well as within a team
- Must be a logical thinker
- Must remain calm under pressure
- Be confident in both spoken and written communications
- An excellent problem solver with strong analytical skills
- Can meet deadlines and maintain high standards even when under pressure
- Must have an understanding and appreciation of rigid process adherence
- Must be willing to take on the unknown with the desire to learn
- Must hold a full driving licence valid in the UK
- Ability to work as part of a team but virtually at times due to remote and solo working
Demonstrate the company values at all times in behaviour and attitude, both internally and externally. These are:
- Be Open & Honest
- Collaborate through Teamwork
- Think Customer
- Act with Pace
- Take Responsibility & Accountability
The above responsibilities are indicative of the work required and should not be seen as an exhaustive list.