24/7 SOC Engineer

Job description

You will be working in the SOC team, supervised by the SOC Team Lead, who reports into the Head of Managed Services.

The role will be focused on the day-to-day monitoring of our SIEM platform and security applications deployed at our customer base, as well as providing support functions for network ad infrastructure. You will be the first line of support for clients who have existing support services and Managed Detection & Response services.

The role requires working in a 24x7x365 environment, on a 12-hour shift basis, 4 days on, 4 days off alternating between days and nights.

KEY RESPONSIBILITIES:

·       First and second line support for client raised security events and incidents          reported by phone and/or email

·       On boarding clients to tools such as SIEM, EDR, OT Monitoring

·       Proactive monitoring of security tools such as SIEM, EDR, Firewalls

·       Acknowledge, analyse and validate incidents triggered from correlated                events through SIEM solution

·       Perform false positive and false negative analysis

·       Taking immediate action on incidents where capability allows

·       Escalation of high severity threats to client and/or appropriate technical              team

·       Adhere to incident response processes

·       Contributing details for documented incident reports

·       Liaising with manufactures regarding product specific issues

·       Supporting 24/7 SOC Team Lead on any requests in area of expertise

·       Prepare, maintain, and adhere to procedures for logging, reporting, and
        statistically monitoring data as directed.

·       Ensuring time is accurately logged against client work, for billing purposes

·       Handling technical incident tickets within contractual SLA and KPIs

·       Identify new technologies opportunities to enhance the product and                    service portfolio

·       Respond to emergency outages in accordance with business continuity and          disaster recovery plans.

·       Adopt a proactive approach towards all client activities.

·       Collaborate with all the Technical Service departments when required to              ensure business objectives are met.

·       Support delivery of projects with chosen technologies

.       Own personal training plan that is put in place with line manager

·       Highlight areas for improvement to supervisor where applicable

·       Ensuring adherence to Axians’ Management System Manual for Quality                (ISO 9001), InfoSec (ISO 27001) and ESG (ISO 14001).

.       Expectation to assist with other tasks requested by supervisor or line                  manager

Desired profile

Desired Skills/Qualifications/Experience

·       Degree in Cybersecurity or similar

·       Experience with EDR solutions such as Sentinel One, Palo Alto Cortex,                Carbon Black

·       Experience working in an IT Support or Security/SOC team

·       Experience with IAM platforms such as Azure AD or Okta

·       Experience with Azure or AWS

·       Experience/Understanding of SIEM/SOAR solutions FortiSIEM / Splunk /              LogRythm / AlienVault

·       Knowledge of network environments                                                                (routing/switching/VLANS/Security/Wireless/etc.)

·       Knowledge of Firewalls (IDS/IPS/DPI/WAF/Web Filter/App Control)

·       Knowledge of Windows Server infrastructure, Active Directory

·       Knowledge of security concepts (CIA/MITRE ATT&CK                                          Framework/Vulnerabilities)

·       Knowledge of ITIL disciplines such as Incident, Problem and Change                    Management

.       CompTIA Security+ / CySA+ or similar
.       Fortinet Solutions – NSE Certifications
.       Knowledge of scripting – Python, Powershell, Perl desirable
.       Drive to work off own initiative
.       Ability to work in a fast paced, changing environment
.      Understanding of ticket management systems and SLAs
 

Personal attributes:

.       Must be self-motivated with a positive can do attitude
.       Must be able to work un-supervised, on own initiative as well as within a            team
.       Must be a logical thinker
.       Must remain calm under pressure
,       Be confident in both spoken and written communications
.       An excellent problem solver with strong analytical skills
.       Can meet deadlines and maintain high standards even when under                      pressure
.       Must have understanding and appreciation to rigid process adherence
.       Must be willing to take on the unknown with the desire to learn
·       Must hold full driving licence valid in UK

·       Ability to work as part of a team but virtually at times due to remote and             solo working

Demonstrate the company values at all times in behaviour and attitude both internally and externally, these are:

Trust
Dynamic
Supportive
 

The above responsibilities are indicative of the work required and should not be seen as an exhaustive list.

About Axians

Expert of energy technologies and IT services, VINCI Energies (64,500 employees, €10.2 billion of turnover) design, implement and maintain solutions to the industry, service sector and local communities.
In the United Kingdom and Republic of Ireland, VINCI Energies provides electrical design, project management, installation and maintenance services since 1907. Through its 16 closely networked Business Units, VINCI Energies operates in 4 different sectors: Infrastructure, Industry, Telecommunications and building services.