SIEM Analyst - Logrhythm

> Sheffield

> £35,000 - £45,000 + 10K Shift Allowance + Up to 20% Bonus

> 10% Pension + 10x Life Assurance + Excellent Benefits

> 24 / 7 x 365 Shift Pattern over a 5-Week Cycle

> On-Site Working

** The business will support the application for security clearance. Due to the nature of work, the individual has to be a UK national or have lived and worked in the UK for the past 5 consecutive years. **

The Role in a Nutshell

A SIEM LogRhythm specialist that has operational experience ideally within a Security or Network Operations Centre that can provide specialist technical support on complex network security and cyber security deployments.

* Shift work will be required to cover any 24x7 operations

About the Business

Security is one of the fastest-growing parts of this global organisation. They protect their networks from more than 6,500 cyber-attacks each day, investing over £40m in research each year and employ more than 3,000 people in the cyber security business alone - which makes them the largest private cyber security employer in the UK. With incredible opportunities to learn, develop and grow your skills, they will invest in you, nurture your potential and shape your future whatever your background or experience.

About this Role

This role exists to provide specialist technical support on complex network security and cyber security deployments for any and all of the business's UK contracts. The role holder will perform protective monitoring, triage, investigation, resolution and threat hunting from one of the Security Operations Centres. The role holder will monitor and respond to security events and incidents from managed customer security systems as part of a team. Monitoring real-time events and incidents from customers, as well as threat hunting from running reports and dashboards. Keeping abreast of intelligence from the IT security community (and government/law enforcement), or other industry sources.

Skills & Experience Required

Strong knowledge and experience in supporting LogRhythm (mandatory)

Good knowledge of security logging tools (log management, SIEM, Advance Security Anomalies Systems)

An appetite and appreciation of the cybersecurity landscape, including emerging risks and security solutions

Intimate relationship with TCP/IP protocol suite, DHCP, DNS, LAN/WAN, and Operating System concepts

Your network security knowledge is to include remote access, DMZ architecture, network monitoring, intrusion detection, and web server security

A deep interest or passion for threat intelligence. Utilising threat intelligence to make informed decisions to minimise harm to the business and customers

Understanding of at least one security methodology such as NIST, MITRE ATT&CK Framework.

Understanding of threat, offenses, incident detection & response

Relevant operational knowledge and experience of risk and incident management

Relevant experience in the analysis & interpretation of data into useable and actionable information/intelligence

Knowledge of Security management, information security and threat intelligence - SIEM technologies, network security, malware defence and remediation

ITIL4 Foundation - Desirable but not necessary

Relevant experience in stakeholder management and good interpersonal skills

Ability to acquire and maintain appropriate levels of clearance at all times (MPS, NPPV3 & SC clearances)

You'll have the following Responsibilities

Detect, analyse, and respond to cybersecurity incidents using a combination of cutting-edge technology and a strong set of processes

Work with incident response teams to ensure security issues are addressed quickly upon discovery. Monitor, analyse and defend against malicious or unusual activity that could be indicative of a security incident or compromise

Carry out the Investigation and resolution as required and where necessary report incidents involving potential or actual breaches of protective security compliance

Support the operational relationships with specific customers, suppliers and stakeholders, including all third parties and joint ventures ensuring the cost-effective provision of a professional security service.

Responsible for working in a 24x7 Cyber Security Operation Centre environment

Benefits

Up to 20% Bonus

10K Shift Allowance

10% Pension

10x Life assurance cover

Free annual shares

25 days' annual leave, plus bank holidays, and additional days for length of service

You'll enjoy access to 100s of instant discounts for restaurants, shops, and the cinema. These include money off your weekly shop and discounts on gift/shopping vouchers.

World-class training and development

keywords: 32216, LogRhythm, SIEM, SOC, NOC, Cyber Security, Cyber Threat Intelligence, Log Management, Network Security, shift work