Job Title


Tier I SOC Analyst


Company : CyberClan


Location : Brampton, Ontario


Created : 2026-01-27


Job Type : Full Time


Job Description

Tier I SOC Analyst - Job Description

Summary/Objective

Established in 2006, CyberClan's carefully selected team of experts is capable of solving complex cyber security challenges, keeping data secure and businesses running as usual. CyberClan's Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber attacks with proven defensive methodology. We quickly identify, contain, eradicate and recover from a cyber attack. Our goal is to get businesses fully operational as quickly as possible and to further prevent any downtime or impact to the business operations.

Our SOC Analysts are our front line of cyber defence: monitoring & assessing cases, mitigating & defending against malicious cyber activity & adapting to an ever-changing threat landscape. The analyst operates as a triage specialist responsible for the monitoring, management and configuration of relevant security tools, containing and remediating attacks, as well as preventing intrusion and unauthorized access to critical data and devices.

This role requires willingness to work shifts (including unsociable hours and bank holidays where these fall into your shift pattern) as part of a 24x7 team.

Principal Duties and Responsibilities

- Monitor and identify cyber security threats as well as SIEM alerts that pose a risk, or have the potential to pose a risk, to the client.
- Triage alerts & alarms across a broad range of security controls as they come into the SOC & assess urgency to escalate to Tier 2 as appropriate.
- Ensure investigation steps are clearly documented & accurately escalated to Tier 2 when needed.
- Provide Tier 1 case resolution for basic security cases including generating initial reporting, providing follow-ups & requesting information & resolution activity.
- Responsible for providing communication directly with CyberClan's customers regarding security incidents, where threats appear & other related topics.
- Responsible for producing & maintaining documentation relevant to both the SOC & position.
- Responsible for updating & offering continual improvement to the knowledge base.
- Work with the CyberClan global team when responding to security incidents.
- Support the SOC team in researching global security events, issues & trends to produce security advisories for customers based on findings.
- Responsible for managing & configuring security monitoring tools.
- Investigating intrusion attempts & performing in-depth exploit analysis.
- Conducting cyber threat research & analysis for purposes of improving the strength of network security.
- Assist with defining, testing & operating new ways of working with new technology solutions or processes supplied to the SOC team.
- Provide analytical feedback on client network traffic patterns related to malware & other network threats.
- Accept, manage & update service requests & incidents to ensure contracted Service Level Agreements are met.
- Continuously develop both technical and personal skills required within the role and assist with development of other staff.
- Proactively support business KPIs.
- Understand & comply with all Information Security & company policies.
- Interact with strategic incident response & threat intelligence vendors.
- To undertake other responsibilities, training & tasks as reasonably requested by line management.
- Undertake periodic assurance reviews & produce associated reporting as required.
- Participate in CyberClan internal security awareness initiatives & other training requests.

Personal Specifications

Qualifications:

- Minimum of a bachelor's degree in a relevant field (e.g., Computer Science, Information Technology, Cybersecurity) or equivalent work experience.
- Security+ certification or equivalent (e.g., CompTIA CySA+, GSEC)
- ITIL Foundation

Skills, Knowledge and Experience:

- Knowledge and experience of SOC tooling to identify threats.
- Experience of collaboration tools
- Keen analytical mind and approach
- Previous experience of SOC analysis beneficial
- Proactively shares own expertise with others
- Knowledge and experience of IT systems, networking and security threat landscape including:
  - Network fundamentals, for example OSI stack, TCP/IP, DNS, HTTPS, firewall logs
  - Cloud technologies (AWS, Google Cloud, Azure)
  - Active Directory, Group Policies, PowerShell
  - Endpoint protection applications (Antivirus, Web Filtering, ATP, Encryption)
  - IDP/IPS Systems
  - SIEM tools
  - SOAR is an added advantage
- Knowledge of malware capabilities, attack vectors and impact.

Personal Qualities:

- Excellent interpersonal & customer service skills
- Ability to communicate technical information to non-technical stakeholders
- Genuine enthusiasm and drive to work within cyber security
- Good written skills to write explanations of systems, regulations and/or procedures
- Ability to identify and suggest continual improvement
- Good analytical and problem-solving skills
- Ability to adapt to organisational change, work unsupervised & under pressure
- Proven ability to manage varied workload

This role may require a flexible work schedule, including shifts, weekends, and evenings. We strive to provide fair scheduling practices while fostering a collaborative work environment.