
F5 SOC Analyst - Global Cyber Security 
United Kingdom, England, Babergh 
530703298

17.12.2024

I, who can help us support, transform, drive and scale the critical Cyber Defense program within F5.

Primary Responsibilities:

  • Responsible for upholding F5’s business code of ethics and promptly reporting violations of the code or other company policies.

  • Follow F5’s enterprise information security policies and protect, detect, and remediate information assets from unauthorized access, disclosure, modification, destruction, or interference.

  • Ability to triage and handle security alerts from SIEM and other security monitoring solutions.

  • Perform investigations leveraging security platforms such as SIEM, EDR, DLP and email threat detection solutions, and cloud platforms such as Azure, AWS and GCP.

  • Coordinate and support incident response activities, external attack investigations, insider threat investigations and digital forensic investigations.

  • Ability to perform threat hunting for known and unknown threats in F5 environments based on available threat intelligence reports and knowledge of attackers' TTPs.

  • Ability to apply analytical and technical skills to investigate cyber intrusions, detect malicious activity and potential insider threats, and perform incident response.

  • Correlate events from multiple log sources to detect and disrupt threat actors, including previously unknown threats.

  • Work with the SOC manager and support the drafting of incident analysis reports.

  • Provide timely investigation updates to the SOC manager.

  • Ability to prepare process-driven playbooks/runbooks for cyber threat investigations.

  • Ability to automate cyber response tasks to ensure seamless security operations.

  • Propose risk mitigating strategies to SOC manager, advise on acceptable mitigating controls and ensure they are documented.

  • Strong knowledge of cyber investigations, eDiscovery and digital forensics, malware analysis, network attacks, phishing attacks, cloud attacks, DLP and web application attacks.

Required Skills & Knowledge:

  • 2 to 4 years of cybersecurity experience within a security operations environment.

  • Prior experience working in a large-scale security operations centre, preferably in the technology industry.

  • Experience in handling daily operations of the SOC security team, including alert triage, incident response, investigations, and threat management.

  • Experience with 24/7 security operations centres or cyber defense centres.

  • Bachelor’s degree in information systems, MIS or a related technical degree and 4+ years of experience in Cyber Security Incident Response / Threat Hunting / Digital Forensics.

  • Comfortable taking a lead role during security events and incidents.

  • Hands-on experience managing SIEM, SOAR, M365, AAD, email security, EDR, cloud SIEM, DLP, CSPM, IAM, PIM, CTI platforms and next-gen firewalls.

  • Strong understanding of operating systems (Windows, Linux and/or Mac) at the filesystem level, and familiarity with the MITRE ATT&CK framework.

  • Detecting anomalous system activity, lateral movement, living-off-the-land techniques, persistence mechanisms and potential intrusions.

  • Highly motivated and independently driven, with good written and verbal interpersonal skills, mindfulness, and strong organizational and time management skills.

  • Ability to research and characterize security threats, including crafting the right countermeasures.

  • Demonstrated record of finding and pursuing strategic and complex areas of security research in collaboration with internal and external partners at all levels, including defining the right policies, practices, and countermeasures.

Preferred certifications:

  • SANS GCIH, GCIA, GCFA, GCFE, CEH, blue team certifications or other industry-relevant cyber-security certifications are a plus.

  • Certified experience related to incident response, threat hunting, cloud security or digital forensics.

Qualifications:

  • Bachelor’s degree in computer science, information systems, MIS or a related technical degree with 4+ years of experience in Cyber Security Operations / Incident Response / Threat Hunting / Digital Forensics.

  • Ability to inspire change through effective leadership, communication, planning, and execution.

  • Capable of translating broad targets and aims into a detailed list, setting priorities for yourself and others, and achieving goals.

  • Knowledge of key performance indicators and the ability to deliver against them.

  • Able to clearly communicate complex technical issues to larger audiences at varying levels.

  • Ability to work in a highly collaborative team environment.

  • Able to read, write, and speak English fluently, including complex technical concepts.

  • Solid skills in MS Visio, Lucidchart, MS Office apps and other standard professional applications.

The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.