SOC Analyst
As part of our managed cybersecurity operations team, you will be providing advisory and technical execution support to help our clients improve their cyber security posture and respond to dynamic cyber threats. You will provide security domain expertise and utilise your business insight to work closely with our clients to advise, design, build, deploy and test pragmatic security solutions that deliver real, tangible benefits and security enhancement.
You will be a core member of our highly skilled and rapidly growing team of technical security specialists. As a member of the team, you will have the opportunity to grow your career in delivering real-world security solutions to leading clients with a significant opportunity for practical industry experience and career progression.
Your key responsibilities
- Act as a point of escalation for the SOC team
- Hunt for suspicious anomalous activity based on alerts from various detection sources
- Review and build new operational processes and procedures
- Review the automated process workflows and provide feedback for updates/enhancements
- Triage and investigate advanced attacks such as botnets and advanced persistent threats (APTs)
- Lead response actions for incidents where CIRT is not required to intervene (low/medium priority)
- Work directly with data asset owners and business response plan owners during low and medium severity incidents
- Perform administrative tasks as requested by management (ad-hoc reports, training)
- Support the creation and maintenance of a knowledge base
- Support the Service Delivery Manager with reporting SOC KPI metrics
Skills and attributes for success
- In-depth knowledge of TCP/IP protocols
- Experience with Infrastructure and Network Security tools
- Experience with SOAR (Security Orchestration Automation & Response) and Endpoint Detection & Response (EDR) solutions
- Experience with SIEM (Security Information & Event Management) tools and usage of regular expressions
- Knowledge of common security frameworks (OSINT, SANS, NIST)
- Good knowledge of threat areas and common attack vectors (MITRE ATT&CK)
- Scripting (automation) and familiarity with Cloud (AWS/Azure)
- Ability to interact with staff, peers and customers on a technical and professional level
- Fast and independent learner, with ambition to self-improve
To qualify for the role, you must have
- At least 1 year's experience of working in a SOC environment
- Strong logical and analytical skills to help in analysis of security events/incidents
- Effective verbal and written communication skills
Ideally, you’ll also have
- One or more industry-recognised certifications for leading security tooling in a modern SOC setting, e.g. CompTIA Security+
- Hands-on experience of working with different tool suites in a SOC environment covering hybrid IT estates across traditional on-prem and cloud setups
We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that’s right for you