Lead Security Operations Centre (SOC) Analyst
Basingstoke, England, United KingdomPre-Sales
Nomios' mission is to build a ‘secure and connected’ future. Organisations across the globe depend on us to help secure and connect their digital infrastructures.
In support of our continued UK growth, we are seeking a Lead SOC Analyst to join our Security Operations team. This is a fantastic opportunity to work with a broad and diverse set of customers who have entrusted Nomios to deliver their security operations.
As Lead SOC Analyst, you will be involved in all aspects of the Nomios SOC. This role would suit someone in an existing lead role looking for a new challenge, or a senior analyst looking to progress their career to the next level!
Your role as Lead Security Operations Centre (SOC) Analyst
You will play a pivotal role within the Nomios SOC. Working closely with the SOC Manager, you will have responsibility for onboarding new customers, responding to incidents, acting as an escalation point, and helping to maintain and improve best practice and operational efficiency.
You will be supported in your role with extensive training, ensuring Nomios delivers the best service to its customers, whilst allowing you to develop your own career.
- Supervise and mentor junior SOC analysts in support of their professional development
- Creation of incident response playbooks (SOAR)
- Design and implementation of detection scenarios/use-cases (using the MITRE ATT&CK Framework)
- Implementation of new SIEM rules and improvement of existing rules
- Identification, analysis, and qualification of security alerts
- Act as a senior escalation point during incident investigation and response
- Build hypothesis and lead Threat Hunting activities
- Review Vulnerability Management reports and provide analyst insight
- Definition of, and participation in, SOC improvement projects (tooling, process, increase in SOC coverage)
- Delivery of investigation reports, including response plans and continual improvement steps
- Documentation of processes and procedures with the SOC environment
- Provide feedback based on incidents, external threat sources and knowledge to improve detection and capabilities within the SOC to aid in continual improvement
We hire smart, high-energy people! You should be organised and rigorous, with excellent analytical skills. Good communication with customers and internal stakeholders is vital, as is the ability to work as part of a dynamic team.
Required technical skills include:
- Expert Knowledge of SOAR – including automation and integrations. Preferred vendors: Palo Alto XSOAR
- Expert Knowledge of SIEMs – including incident investigation and custom detection rules. Preferred vendors: Microsoft Sentinel, Google Chronicle
- Good Knowledge of EDR/XDR – including incident investigation and custom detection rules. Preferred vendors: CrowdStrike, Microsoft, Palo Alto, SentinelOne
- Good Knowledge of VM – including analysis and prioritisation. Preferred vendors: Rapid 7
- Foundational Knowledge of CTI – including build and value within a SOC environment. Preferred vendors: Mandiant
Additional requirements include:
- 3+ years’ experience working within a Security Operations Centre (SOC) as a security analyst to resolve security incidents using a range of tools
- Proven experience in incident response
- Fluent in English with excellent written and oral communication skills
- Ability to use initiative and work independently
- Strong team player
- This is a hybrid role, requiring regular attendance at our Basingstoke office (free hot & cold drinks, breakfast items, snacks, lunches, and regular takeaway Fridays are provided to all staff in the office!)
- Hours are full-time: Monday-Friday, 9:00am-5:30pm
- There is an on-call requirement to lead P1 out-of-hours incident response
Why would you choose to come and work with us?
You will get to work in a dynamic, fast-paced environment where you are free to use your initiative in support of our strategic goals, working alongside high calibre sales, technical, and operational experts. We are a supportive, tight-knit team, within which every individual has an important part to play and makes a real difference. Nomios offers a highly competitive salary and commission scheme, rewarding success, along with industry-leading benefits.
Nomios is an equal opportunity employer and is committed to creating and sustaining an environment in which everyone is provided with an equal opportunity to grow and develop, and no individual will be unjustly discriminated against. This includes, but is not limited to, discrimination because of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion and belief, sex and sexual orientation.