Job Description
Job Title: XDR Security Analyst
Summary
Today, it is an unavoidable fact that your business-critical infrastructure and systems are at risk of attack. The key to good security is a clear understanding of what is most critical to the business. Where you do not have enough internal resources, time or skills to monitor and manage your IT environment 24/7, NCC Group can help, freeing up your skilled employees to focus on value-add activity.
NCC Group provide a range of managed and hosted services delivered from our UK-based Security Operations Centre (SOC), which operates 24/7, 365 days a year. Our team of over 30 accredited security experts is available 24/7, dealing daily with over 200 million log events and providing support for over 5,000 network devices.
NCC Group's Cloud XDR Team provides a world-class Extended Detection and Response (XDR) service, detecting, responding to and mitigating cyber-attacks on our customers' networks from our Security Operations Centres using the Microsoft Sentinel ecosystem.
The Cloud XDR Team are looking for XDR Security Analysts with a passion for security to join the team, to help customers get the most out of our services and to protect their networks.
This is an opportunity to join a technically advanced and talented team and help NCC Group build and deliver world class services to our customers.
This role is ideal for a seasoned SOC Analyst with experience in cyber security looking to broaden their scope of cyber skills with a strong focus on detection and response to cyber incidents.
Primary Responsibilities
- Monitor global systems looking for potential threats, vulnerabilities and indicators of compromise.
- Perform in-depth analysis of security alerts using the Microsoft XDR suite (Sentinel, Defender, etc.).
- Provide incident remediation and prevention documentation and recommendations to customers, based on defined procedures and analyst experience.
- Document and conform to processes related to security monitoring procedures.
- Provide customer service that exceeds our customers' expectations at all times.
- Initiate escalation procedures to counteract potential threats, vulnerabilities and threat actors.
- Compile and review service-focused reporting.
- Act as an escalation point for more junior members of the team, providing assistance and mentoring where necessary.
- Provide assistance to Senior Cyber Security Analysts on Threat Hunting engagements.
- Contribute to the continuous improvement of SOC procedures and documentation.
- Perform other duties as assigned.
Experience / Skills
- Practical knowledge of security and networking toolsets, including Microsoft's XDR suite (Sentinel/Defender).
- Pre-existing, in-depth knowledge of common network protocols and endpoint detection/forensics.
- Pre-existing, in-depth knowledge of Windows and Linux based operating systems.
- Experience in the extensive analysis of common security incidents.
- Experience in endpoint
- Ability to stay calm in highly sensitive and high-pressure incidents.
Certification
The following certifications are desirable, but not a requirement. Successful candidates who do not possess these certifications may be tasked with working towards them at the beginning of their employment:
- Microsoft security certifications (SC-200, AZ-500, MS-500)
- CREST CPSA / CRIA / CMRE / CNIA / CHIA
- CompTIA Security+
- CompTIA Network+
- Other relevant certifications.
Other Information
Please be aware that this position is based on a 24 x 7 x 365 shift roster.