SOC: 3rd Line SME & Threat Hunter

Job Description

Duties include:
You are the final point of technical escalation for incidents that enter the SOC. You will use your analytical skills to quickly build and communicate an incident resolution plan
Use your specialist knowledge to carry out root cause analysis on any problems that are raised internally or in our customers' environments
When you are not engaged on escalated incidents or problems, you will be responsible for finding security incidents hidden in the noise before an attack runs its course, and those that have slipped through the net of the monitoring systems
Use a wide range of tools to track down adversaries and identify suspicious behaviour
Using a combination of NetFlow records, event logs, IPS events and similar sources, you will write custom queries to analyse system and user behaviour
Present your technical findings to customers, your peers and the leadership team
Bring your skills and experience to the wider team to help develop the portfolio of managed services and to promote the adoption of best practice throughout the group of companies

Skills and experience required:
Deep and up-to-date knowledge of TCP/IP, operating systems and network protocols, malware methods, attack methodologies and adversary TTPs (tactics, techniques and procedures)
Some coding skills in Python, Perl, C, C++ or similar
Cisco CCNP / Microsoft MCSE / Linux / Ethical Hacking