Security Operations Centre Specialist 15 views

Fulfils the cyber security SOC specialist function. This role undertakes technical protective monitoring, monitoring of security events and performance of security tools, as well as investigating and handling (or assisting in handling) security events.

This role is responsible for undertaking all aspects of SOC activity, including hands-on monitoring of SIEM (security incident and event management) tools and other sources of alerts and of threat intelligence, maintaining the relationship with the vendors and suppliers of SOC products, including where relevant contract management responsibilities.

Responsibilities  

Your responsibilities will include but will not be limited to:

• Leading and undertaking technical protective monitoring, monitoring of security events and performance of security tools.
• Investigating and handling security events.
• Assessing risks to existing proposed systems and technical solutions, devising risk management plans to address issues.
• Provide support and assistance to the Senior SOC Specialist.

Additional Information 

Once probation period has passed, you will have the opportunity to be on-call on a rota basis, of which an allowance will be paid.

Applications will be accepted from full time/part time/job sharers. Full time roles at DVLA consist of 37 hours per week. Part time and/or flexible working may also be available subject to the needs of the business. If you have a flexible or part time working requirement, you should contact the vacancy holder in advance of making an application to avoid possible disappointment later in the process should your desired working arrangements not be compatible with the requirements of the role. To contact the vacancy holder, please use the job contact details listed under ‘Contact point for applicants’.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed is Security Check. To allow for meaningful checks to be carried out, candidates will be required to have at least 5 years continuous residency in the UK. All applicants for this role must ensure that they meet this minimum residency requirement – if you do not, your application will be withdrawn.

You will be a security professional with significant experience of cyber security. You will possess a broad knowledge of the issues and techniques associated with securing a variety of technologies.

You must have demonstrable experience of the range of activities of a security operations centre (SOC) including:

• Responding to alerts and handling incidents.
• Monitoring network traffic and user behaviour for potential malicious activity using a variety of tools.
• Investigating security events and anomalous patterns of activity.

In addition, you must have substantial practical experience of using LogRhythm, although experience of other SIEM (security incident and event management) tools will be considered.

If you do not already hold the following qualifications, you must be willing to work towards these once in role:

• BCS Certificate in Information Security Management Principles (CISMP)
• CompTIA Security+