FPG Cyber is currently recruiting on behalf of our prestigious client, a World & Gartner Quadrant Leading MDR Provider, for a Security Analyst. The role is semi-remote, working out of our client's offices in Cardiff, UK. Our client is an innovative Cyber Leader that is growing rapidly; they are on a mission to eliminate the fear of impact from cyber threats and attacks. This is a fantastic opportunity to advance your career & grow, for someone who wants autonomy in their next role and the opportunity to have their ideas listened to & acted on.
This Security Analyst will play an integral part in extending our customers' teams & delivering an outstanding customer experience, allowing our customers the freedom to conduct business safely.
They will report to the Operational Lead of the Security Operations team & will act as a Customer Champion, always working with the relentless ambition to resolve customer incidents and questions by demonstrating ownership, empathy, and a desire to broaden their knowledge and skills. They will be expected to demonstrate their understanding of our client's services by providing our customers with a route to resolution.
Work closely with our customers internal teams to provide detailed analysis & response for incidents
Act as a Security Expert and Ambassador for our customer meetings, both physical and virtual, including client visits, SOC tours, review calls and customer orientations
Serve as security expert to customers and team members
To monitor global NIDS, Firewall, and log correlation tools for potential threats
To review and identify improvements to current knowledge base articles (KBAs), standard operating procedures (SOPs) and operational processes for the benefit of our customers and internal teams
To work with Security Operations Center colleagues and other technical teams to ensure that customer queries are addressed promptly and according to Standard Operating Procedures and Customer Management processes, always with the intent to provide World Class Customer Service
To manage incident, change, and request cases submitted to the Security Operations team for resolution
To provide mentorship to Security Analysts, and to provide collaborative support to the wider Security Operations Center
Provide World-Class Customer Experience and Security outcomes to our customers.
Demonstrate ownership of customer issues
Communicate directly with the end customers and partners; set clear expectations of how often updates to a case will be received
Provide guidance and training to customers through pre-arranged virtual meetings
Follow defined escalation paths to ensure proper resolution to issues
Tune our proprietary security products to generate higher fidelity observables and reduce benign or "noisy" events from customer environments
Investigate and advise our customers concerning risks and active vulnerabilities identified within monitored network environments
Escalate high priority technical or security related issues by communicating your analysis to our customers in a timely fashion and in accordance with customer specifications
Provide support to our customers by analyzing and reviewing logs or functional events within our customers' network systems and report on any abnormalities to customer designated security contacts
Provide customers with pre-published Knowledge Base Articles, Incident remediation and prevention documentation and assist in the development of new articles
Conduct deep dive analysis and undertake threat hunting activities to support Content Management and Threat Intelligence activities.
Own and develop undefined workflow items until mature processes are implemented and assist with the documentation of such processes.
Engage, liaise with and support our customers to overcome and resolve service impacting issues and challenges experienced with the use of our products and services.
Have an intermediate understanding of our Products and Services, in addition to having industry recognized skills relating to information security, Linux, Windows and Networking.
Collaborate with peers to identify improvements to the customer experience and to maximize operational efficiencies.
Escalate high priority technical or security related issues to the Technical Lead.
Act as a representative of other Security Operations Center stakeholders in Product and Engineering reviews and product launches/enhancements.
Effectively communicate information relating to Customers and operational delivery between shift teams.
Identify and drive improvement opportunities relating to customer experience and security value.
Initiate escalation procedures to counteract potential threats/vulnerabilities.
Assist in coordinating our response to Customer Reported Events.
Analyze, escalate and respond to security events, observables and incidents detected by our proprietary security products.
Carry out further analysis and investigation of security events to assist our Content team.
Provide security expertise, directly or through appropriate tasking, for customers during incident responses, including remediation and prevention documentation.
Resolve requests and incidents in a timely manner in accordance with customer contracted Service Level Agreements.
Required Skills and Experience:
Strong belief in ownership, from identification through resolution and validation of Operational issues.
A team player who is willing to participate in the day to day activities.
A detail-oriented working style.
The ability and willingness to communicate.
The willingness to share knowledge with team members, leadership and customers.
Strong Customer Focus.
Required Attributes (technical):
Be able to prioritise escalated cases/requests.
Intermediate command of Linux systems administration and working with BASH
Intermediate understanding of networking including TCP/IP
Intermediate experience with network monitoring and packet analysis tools
Intermediate understanding of a cloud environment & infrastructure (AWS, Azure, Google Cloud, etc.)
Basic hands on experience working with Windows infrastructure
Basic experience in one of Linux, Windows or Database administration
Basic hands on experience configuring Windows or Linux system logging
Intermediate understanding of Windows or Linux logging / auditing capabilities
Capability and skill reviews will take place during one-to-one sessions, with formal performance reviews taking place in line with our appraisal schedule.
Assessment of ability will be carried out by the Operations Lead and Manager.
The Security Analyst will work on a scheduled shift of 40 working hours per week; these shifts will be in accordance with the company Shift Policy. Their SOC operates under a "Follow the Sun" approach and the shift start times will therefore be set to ensure 24-hour coverage between the US and the UK. The Security Analyst will take daily tasking from the Operations Lead and, where appropriate, the Manager, and will be required to work collaboratively with other team members, both within the Security Operations Center and with other internal departments, to ensure that cases are acknowledged, prioritized, and resolved within the agreed timescales.
Start date: immediate (notice period accepted for the right candidates). Please forward your resume to: Tom Layzell at FPG Cyber, firstname.lastname@example.org, +1 (202) 972 4320