SOC & Incident Response Lead

Applications have now closed

Please visit our main job board to see all our current vacancies.

SOC & Incident Response Lead

An opportunity for a highly skilled SOC, SIEM and IR specialist to join a growing MSSP / Cyber Security consultancy, to find out more, please read on!

Job Description

Senior SOC Lead/ IR Consultant
£50,000 - £70,000

This is an exciting role to suit a passionate and keen cyber security enthusiast with a proven background in SOC environments with strong exposure to Incident Response
You will join a growing industry leader (across the UK and Northern America) helping to continue the development of their Managed Security Services offerings across the UK and Europe.
We are looking for a technical lead to execute on a technical strategy to develop to Security Operations Centre (SOC).
As well as working closely with SOC Manger and SOC Analyst teams, you will:
" Be involved in a wide range of activities from pre sales, helping with recruitment, and enhancing and developing the service.
" Leading SOC Maturity Development work within the industry and designing suitable services for this area is also a key part.
" My client has an active involvement in the key bodies that are shaping this maturing area and this role will require active leadership within this.
Other requirements include
" Manage and develop the SOCs capability technically and commercially
" Be able to guide, influence and provide thought leadership within managed monitoring logging services
" Execute on a technical strategy to develop the SOC technical capabilities (alarms, events, response, training and SOC maturity)
" Be able to work with the team to lead and have managed complex/sophisticated IR investigations
" Work alongside Senior IR team members and manage incidents in line with industry standards and practices
" Work with the sales team and manage pre sales calls and meetings
" Demonstrate the SOC's capability to senior managers and explain the benefits to C-Level
Proven Experience
" Experience of offensive security (i.e. Pen testing)
" Be hands on familiar with SIEM solutions, in particular LogRhythm, IDS/IDS rules, YARA rules
" Knowledge and experience with proactive threat hunting techniques and procedures
" Understand what sophisticated, real world attacks look like and how to identify TTP's within log data
" Have experience with and knowledge of threat intelligence, honeypots and 3rd party TI feeds
" Proven experience with offensive security (penetration testing), as well as incident response, networking and endpoint solutions, are all distinct advantages.
Qualifications / Further Skills
" IT Security related degree
" Hold, or be able to sit and pass the CREST Incident Manager exam within 3 months
" In-depth knowledge of operating systems - Windows & Linux
" In-depth knowledge of firewalls & IDS/IPS
" Excellent verbal, written and presentation skills
" Collaborative attitude and must be able to co-ordinate with teams across continents.
" Industry standard information security certification (CISSP, CISM etc.)
" Hold a CREST (or other industry related exam) in Penetration Testing (CRT. CCT, etc.)
" Hold the CREST Host, Network or Malware exam
" Ideally have led a SOC (internal or MSSP) and been involved in deep dive, sophisticated, advanced investigations
To find out more about this role and potentially other opportunities within the same client, please get in touch and apply immediately.

Advanced Resource Managers IT Limited operates & advertises as an Employment Agency for permanent positions and as an Employment Business for contract/temporary positions.

Key Consultant

Tom Hickling

Tom Hickling profile

I specialise within the network security market, focusing on SIEM, Next-Gen Firewalls, IDS, SOC and IR skills. I excel in placing senior security engineers, professional services and pre-sales consultants within my given niche. I strive to build long-term, fruitful relationships with varied MSSPs, vendors and consultancies, working with hiring managers and internal recruitment teams.