SOC Engineer

Ref: ZR_6951_JOB  ·  Posted on 05 May 2022


My client is a well-established defence and security company that is at the forefront of cyber security within the UK. They are looking for a SOC Engineer to aid in the development of their current cyber security capabilities by implementing a variety of SOC services. To achieve this, you will be integrated within the team, following the design direction from the SOC Architect and liaising with SMEs across the SOC.

The main mission of the SOC Engineer is to work closely with the SOC Architect, taking guidance on SOC solution design decisions, taking ownership of SOC service LLDs and implementing the SOC services in line with the programme's waterfall engineering lifecycle. You will also work closely with other Engineers and the Integration Manager to ensure that the implementation of SOC solutions is coordinated with the implementation of the wider system. You will support, as necessary, internal and customer-facing technical workshops or design reviews to answer questions on SOC solution configurations or implementation dependencies.

This role will be fully based onsite in my client's Newport office, and an active SC security clearance will be required for this role.

Key responsibilities
  • Produce and maintain associated SOC LLDs, builds and configuration records.
  • Implementation/delivery of SOC solutions:
      • Protective monitoring service
      • SIEM
      • Vulnerability scanning
  • Foster a professional working relationship with the internal engineering team to ensure the SOC solution is successfully implemented into the overall system.
  • Establish and maintain a professional working relationship with the project team.
  • Support the development of SOC use cases; liaise with the SOC Architect, Engineering team and SOC analysts.
  • Report progress of SOC solution implementation on a regular basis to the Project Team, raising issues, assumptions, dependencies and risks in a timely manner with a recommendation for any necessary remediation.
Skills & experience
  • 5+ years' experience of implementing SOC services
  • STEM-related degree
  • SIEM (experience using Splunk is desirable):
      • Integration with various log sources (e.g., Windows, Cisco, SQL, SolarWinds)
      • SIEM backup/restore implementation
      • SIEM data retention implementation
      • SIEM online search/offline search configuration
      • SIEM business continuity/replication implementation
      • SIEM alerting/reporting/dashboard implementation
  • Vulnerability scanners (experience using Tripwire is desirable):
      • Agent-based (e.g., Windows) and agentless scanning
      • Scan and report scheduling
  • IDS/IPS (experience using FortiGate is desirable):
      • IDS/IPS policy configuration
      • Monitor/inline mode implementation
  • Applying SOC server platform lockdowns and virtualisation security

The client would also like to see some of the below, but this is not essential:

  • Experience of SOC solutions delivery to UK government customers.
  • Security standards (e.g., JSP 440, JSP 604, ISO 27001).
  • Experience of log collection through Data Diodes.
  • Red Hat 8+ experience.
  • Cisco UCS experience.
  • VMware ESXi experience.
  • Technical Certifications (CCNP Security, MCSE, VMware, SANS, Crest).

Our client is committed to providing a diverse and inclusive workplace and welcomes applications from all backgrounds.

You will be required to hold a minimum of SC Clearance. If you do not hold an active SC clearance, please familiarise yourself with the vetting process before applying.
