Cyber Security Operations Centre Lead Analyst - Secureworks - London, UKLondon, United Kingdom 05/13/2019
Cyber Security Operations Centre Lead Analyst
Secureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. We help organizations confidently pursue business goals in a digitally-connected world.Consistently recognized by industry analysts and readers’ polls, we are one of the best in the world at understanding and anticipating threat behavior. We see 250 billion events every day across 4400 clients in more than 55 countries, and our solutions work across all the layers of a client’s security environment, including 330 different vendor technologies. Join a talented, dedicated, and diverse team of researchers, analysts, engineers, consultants and business professionals who are focused 100% on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys and maintain our company’s leadership in the cyber security industry.
Uniquely positioned to adapt as the industry evolves, we are also proud to be part of the Dell Technologies family. We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
We're looking for a Cyber Security Operations Centre Lead Analyst to lead the efforts to operate a successful security operations teams for one of our clients in London. This role will be based onsite at the client sites in London and function as a lead role between Secureworks and their own internal SOC and CSIRT teams.
- Deal with escalations from the Secureworks SOC by doing investigations and help coordinate any investigation/response between client and Secureworks SOC / Intrusion Analysts
- Contribute to use-case development for security monitoring, with a focus on cloud/AWS, as well as contributing to the threat intelligence that our client is building, leveraging multiple platforms, automation and community memberships
- Contribute to threat intelligence, threat hunting/deception technology for client(s)
- Lead the efforts to operate a successful SOC team by driving innovation, process improvement, security alert efficiencies and lead the charge assisting the client to strengthen their security program
- Provide Seniority and oversight for the SOC Team
- Deliver technical training in areas such as incident handling, event analysis and correlation, general SIEM skills, IPS/IDS and log monitoring, MSS, threat management etc.
- Analyse the data, perform application, log, OS, disk, network level analysis for troubleshooting and researching events and alerts, discover and identify its source, purpose, intent, and if malicious or abnormal, then escalate within the incident response procedures
- Bring together client computer security incident response (CSIRT) principals during severe incidents
- Working with client(s) to secure services migrated to cloud platform
- Typically 5+ years experience in IT Security including security operations and being a Sr/lead analyst in a SOC/MSSP or mature internal team
- Analysing security log reviews from a range of sources, including SIEM - ideally Splunk (Arcsight/Qradar/Logrhythm etc), IPS/IDS
- Endpoint Security (e.g. Carbon Black); Windows Eventlog
- Threat Intelligence - in the context of using it in a Security Operations environment
- Securing services migrated to cloud platform (AWS/AZURE etc) preferred
- Industry recognised certifications such as: SANS GIAC GCIA, GCIH, GCFA, GNFA, GCTI, GREM or CEH, CISSP etc
Why work with us?
Life at Secureworks means collaborating with dedicated professionals with a passion for technology. When we see something that could be improved, we get to work inventing the solution. Our people demonstrate our winning culture through positive and meaningful relationships. We invest in our people and offer a series of programs that enables them to pursue a career that fulfils their potential. Our team members’ health and wellness is our priority as well as rewarding them for their hard work.
As a leading technology employer, we actively encourage further development for our employees. This is done through our range of internal training programmes, training affiliation with SANS GIAC, various vendors, encouragement for the team to go technology conferences or even our regular company hackathons.
Secureworks is part of the Dell Technologies family of brands. If you require any assistance in applying for an open position or have any specific requirements to attend an interview, please contact UK_Talent_Acquisition@Dell.com
We are a Disability Confident Committed Employer and aim to ensure our recruitment process is inclusive and accessible.
Secureworks, a Dell Technologies company, is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, colour, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.Job Family: Secureworks Job ID: R73819
Related Job Opportunities
- Senior Security Architect - Secureworks - London, UK Multiple Locations
- Enterprise Account Executive, Cyber Security - London, UK (Remote) - Secureworks Sales Multiple Locations
- Solutions Architect, (Cyber Security Services), London, UK (Remote) - Secureworks Sales London, United Kingdom