SOC L2 Analyst
We are a UK-based, award-winning IT services and technology company with over 25 years’ experience. We provide a range of IT support and Microsoft-centric business software and cloud solutions to help mid-market organisations modernise their IT so they can compete and win in the digital economy. More than 300 clients trust us to take responsibility for part, or all, of their IT from solution design to support.
Acora has its Head Office in Burgess Hill, West Sussex as well as locations in Bletchley and Solihull.
We are growing, ambitious and hard-working. Our desire is to be an employer of choice with happy and fulfilled employees. Training, development and wellbeing are important aspects of our people focus.
To provide the mid-market with an outstanding customer experience through innovation and great people and become the leading provider of IT services within 4 years.
At Acora, we’re proud to share the values we live by. They’re not dusty abstract concepts. Our values define our culture: they act as a promise to our customers and a constant challenge to ourselves, both as individuals and as a team, to be Game-Changers.
- Be the best you can be
- We do what we say
- Together we win
Do you have the drive to understand the actions of organized attackers? Do you have the passion to work intrusions and stop attackers? The Security Operations Center (SOC) is looking for a seasoned and dynamic person to thrive in a Senior Security Analyst role focusing on detection, prevention & response to threats against the network.
• Proactive monitoring and response of known and/or emerging threats against the network.
• Gathering information about high-value assets, threat landscape, and breach exposure from a myriad of sources.
• Conducting detailed & comprehensive investigation and triage on a wide variety of security events, and implementing remediation processes.
• Perform complex data analysis in support of security event management.
• Participation in Incident Response that includes root cause and lessons learned.
• Collaborate with Level 3 analysts, incident responders, engineering team, and customer's security teams to coordinate incident response and remediation efforts.
• Identify opportunities to improve process and/or tools to ensure highest level of quality, including documentation, mentoring and training sessions.
• Participate in shifts, on-call and after-hours support of incident management.
• Manage Shift resources and activities, supervising, monitoring, mentoring and acting as escalation point for L1s, driving shift metrics and managing shift handovers.
• Performing binary analysis on suspicious files.
• Participation in the development of new SIEM rules and analytics.
• Conduct security research and intelligence gathering with regard to emerging threats and exploits.
• Participate in Customer projects.
• 3+ years’ experience of one of the following:
o Network operations or engineering, including packet analysis
o Administration on Unix, Linux, or Windows
• 3+ years’ experience with common security operations systems, Intrusion Detection Systems (IDS/IPS), Security Incident Event Management systems (SIEM), anti-virus log collection systems, vulnerability management, etc.
• Demonstrated experience with a wide variety of security logs to detect and resolve security issues.
• Strong problem resolution, judgment and decision making skills
• Proactive and cooperative relationships within own team and with other individuals/groups that interface with the team.
• Excellent interpersonal and group dynamic skills.
• Highly developed analytical and problem solving skills.
• Familiarity with current legal and regulatory requirements around information security and privacy, including PCI, SOX, HIPAA, etc.
• Ability to deal with the ambiguity associated with working in a fast-paced and changing environment.
• Excellent written and oral communication skills.
• Experience with security events, including large-scale breaches, is a must; as is the ability to identify themes and trends out of large datasets.
• CISSP, GCIA, or GCIH certification required
• BA/BS in Computer Science, Information Security, or related field or three years of equivalent experience