SOC (Security Operations Centre) Level 3 Analyst

UK Power Networks
Ipswich, Crawley
GBP 40,000 - 60,000
Job description

This SOC (Security Operations Centre) Level 3 Analyst position will report to the Cyber Security Operations Manager and will work within the Information Systems directorate based in our Crawley or Ipswich office. You will be a permanent employee.

You will attract a salary of £75,000.00 and a bonus of 7.5%. This role can also offer blended working after the probationary period (6 months): 3 days in the office and 2 remote.

Close Date: 16/09/2024

We also provide the following additional benefits:

  • Personal Pension Plan – Personal contribution rates of 4% or 5% (UK Power Networks will make a corresponding contribution of 8% or 10%)
  • Tax efficient benefits: cycle to work scheme
  • Season ticket loan
  • Occupational Health support
  • Switched On – scheme providing discounts on hundreds of retailers' products.
  • Discounted access to sports and social clubs
  • Employee Assistance Programme.

JOB PURPOSE:

The role of a Security Operations Centre (SOC) Level 3 Analyst is to respond to high-severity cyber security incidents and escalated events and alerts and then, using experience combined with industry tools and techniques, expedite a containment, eradication and recovery strategy to minimise business impact and ensure UK Power Networks' (UKPN) network systems and customer data are protected from cyber threats.

DIMENSIONS:

  • People – Work collaboratively in a team of circa 14 permanent and temporary cyber security operations staff. Mentor Level 1 and Level 2 SOC Analysts, providing guidance and training.
  • Suppliers – Regular interaction with technical resources provided by the outsourced Cyber Security Managed Service provider and cyber security tooling vendors.
  • Communication – Verbal, written and presentational skills with the ability to articulate technical cyber security concepts to technical and non-technical colleagues across different levels of seniority.
  • Stakeholders – Establish and maintain collaborative working relationships with internal and external technology teams and third-party providers, suppliers, and partners to improve outcomes and create agreement around a course of action.
  • Advanced Threat Hunting: Analyse and assess multiple/complex threat intelligence sources and indicators of compromise (IOC) to identify new threat patterns, vulnerabilities and anomalies.
  • Policy Development: Develop and create SOC policies, technical standards and procedure documentation in consideration of current industry best practice.
  • Log Management: Work with our MSSP and service owners to ensure onboarding of all log sources into the SIEM solution and create alert use cases to correlate suspicious activities across assets and environments.
  • Incident Response: Improve security incident response playbooks and processes, lead the response to escalated security alerts and high-severity security incidents.
  • Security Orchestration, Automation, and Response (SOAR): Support and develop UKPN's SOAR platform, producing new workflows for automation using SOAR tools.
  • Digital Forensics: Identify, analyse and report on serious cyber security incidents.
  • Cyber Crisis Scenario Testing: Participate in regular cyber-attack simulation exercises to test the organisation's resilience to cyber threats.
  • Reporting: Promote the continuous improvement of the security operations' reporting capability.
  • Security Systems and Tools Support: Support the technical implementation, maintenance and configuration of the suite of security tools, products and systems.
  • Audit: Participate in security audits and work with internal and external partners to ensure compliance with relevant regulations and standards.
  • Continuous Improvement: Develop creative solutions to automate security event monitoring, detection and response.

NATURE AND SCOPE:

The Information Systems Department works across UK Power Networks, supporting us in the achievement of our vision to become the best performing DNO. Continuous improvement, customer service and seamless delivery are at the heart of this ethos and are therefore strongly underpinned by effective cyber security.

You will support all other team members, the rest of the Information Systems team, IT Service Providers and partners across UK Power Networks to implement and improve cyber security operations capabilities.

The main measure of success for this role is upholding the IT and organisational resilience of UK Power Networks concerning cyber threats and incidents.

Qualifications:

  • Considerable experience in a SOC Level 2 or 3 role with evidence of advanced threat hunting and incident response.
  • Must have specific SOC training or qualification or academic equivalent such as a bachelor's degree in Computer Science, Cybersecurity and IT, or related subject.
  • Ideally hold an industry recognised information security qualification such as CISSP, AZ-500, or related certifications.
  • Experience or knowledge in log correlation and analysis, including chain of custody and forensics investigations.
  • An understanding of compliance and regulatory frameworks such as NCSC Cyber Assessment Framework and ISO/IEC 27001/27002.
  • Working knowledge of security technologies including SIEM, SOAR, EDR, and network analysis.
  • Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks.
  • Detailed knowledge of SIEM and SOAR solutions, and Data Loss Prevention technologies.
  • Practical experience of developing incident response playbooks/processes and investigating complex security breaches.

Health & Safety Responsibilities

Managers and supervisors carry both legal and company responsibilities for ensuring the health and safety of their employees. Employees will ensure they understand the health and safety risks involved in their work activities.

We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.
