Job Description
Nigel Wright is supporting a financial services business that is seeking a Security Operations Analyst with Sentinel experience to join the IT Security and Governance team on a fixed term basis for a period of 12 months. In this home-based role, as a Security Operations Analyst, you will be responsible for securing and protecting network systems, applications, and data. This includes ensuring the appropriate IT Security controls and processes are in place across the business's Microsoft IT infrastructure. You will support the SOC team in conducting initial incident triage, determining scope, urgency, and appropriate actions to mitigate threats.
The Role
The Security Operations Analyst will support the rest of the security operations team to monitor, triage, and investigate alerts and incidents within the Sentinel SIEM tool.
You will:
- Support the SOC team in conducting initial incident triage, determining scope, urgency, and appropriate actions to mitigate threats.
- Participate in the incident response process, assisting with investigation and remediation.
- Help manage support requests via the ITSM tool.
- Support with BAU activities such as daily checks.
- Assist with analysis and trending of security log data.
- Support triaging of vulnerabilities, response, and mitigation with teams across IT.
- Support remediation actions meetings across technical teams, including evaluating and translating vulnerability scan and pentest results.
- Support with Threat Hunting activities.
- Analyze and support with analytical rules for incidents.
- Support with QBRs and vendor management meetings.
- Support with reviewing and evaluating security control effectiveness.
- Support with change management requests within IT Security and reviewing other technical teams' change requests.
- Support and create process and procedural documentation.
The Person
With prior experience as a Security Operations Analyst, you will have a technical understanding of the required security controls to secure complex architectural solutions hosted on-premise and in the Microsoft Cloud. Experience managing security in M365, including the full suite of E5 security tools/Defender products, is key to this role.
You will have experience of working with Microsoft Sentinel and ideally have recognized Microsoft security certifications such as SC-900, SC-200, AZ-104, AZ-500; however, this isn't essential.