Principal SOC Analyst

Posted 10 Days Ago
Be an Early Applicant
Manchester, Greater Manchester, England
Senior level
Information Technology • Consulting
The Role
The Principal SOC Analyst serves as a primary contact for security incident escalation, mentoring junior staff, and collaborating with the Computer Incident Response Team. Responsibilities include investigating security systems, executing threat hunting, providing incident remediation, and continuously improving SOC procedures. This role requires a deep understanding of cybersecurity threats and effective communication skills with stakeholders.
Summary Generated by Built In

Principal Security Analyst (SOC)

Location: Manchester

Working Arrangement: Hybrid

Role Purpose:

This position is a critical role within the organization, serving as the primary point of contact for potential security incident escalation during significant incidents or crisis situations. This involves close collaboration with the Computer Incident Response Team (CIRT), Senior Management, and Senior Analysts.

The role also includes providing guidance and mentorship to junior staff members, fostering their growth and development within the organization. As a 24/7 escalation point for Senior Analysts, this role requires a high level of commitment and availability.

A key part of the role is contributing to the continuous business development opportunities within Global Management Solutions (GMS). This involves staying abreast of emerging threats and vulnerabilities in the cybersecurity landscape and ensuring that all analysts within the Security Operations Centre are adequately trained to handle these threats.

The role also involves conducting comprehensive triage and investigation for various security systems, including IDS/IPS, Full Packet Capture devices, Firewall, DDoS detection and mitigation, availability and SIEM platforms. This is crucial for identifying potential threats, vulnerabilities, and indicators of compromise.

Another important aspect of the role is executing Threat Hunting engagements, performing deep dives, and serving as a technical escalation point for incidents. This includes functioning as an incident handler during high-priority incidents and providing incident remediation and prevention documentation and recommendations to customers.

The role also involves documenting and developing new processes related to security monitoring procedures and delivering customer service that consistently exceeds customer expectations.

Initiating escalation procedures to counteract potential threats, vulnerabilities, and threat actors is another key responsibility. This involves compiling, reviewing, and publishing service-focused reports.

Finally, the role serves as an escalation point for all members of the Cyber Monitoring team, offering assistance and mentorship as necessary. This includes contributing to analyst training programs and continuous improvement initiatives, and actively contributing to the continuous improvement of Security Operations Centre (SOC) procedures and documentation.

Key Accountabilities:

  • Serve as the principal point of contact for potential security incident escalation during significant incidents or crisis situations, in collaboration with the Computer Incident Response Team (CIRT), Senior Management, and Senior Analysts.
  • Offer guidance and mentorship to junior staff members.
  • Function as a 24/7 escalation point for Senior Analysts.
  • Contribute to the continuous business development opportunities within Global Management Solutions (GMS).
  • Maintain an advanced understanding of emerging threats and vulnerabilities.
  • Ensure the development and maintenance of training plans for all analysts within the Security Operations Centre.
  • Foster collaborative relationships with internal stakeholders and clients, with a strong emphasis on growth.
  • Conduct comprehensive triage and investigation for IDS/IPS, Full Packet Capture devices, Firewall, DDoS detection and mitigation, availability and SIEM platforms, identifying potential threats, vulnerabilities, and indicators of compromise.
  • Execute Threat Hunting engagements, perform deep dives, and serve as a technical escalation point for incidents.
  • Function as an incident handler during high-priority incidents.
  • Provide incident remediation and prevention documentation and recommendations to customers, based on established procedures and analyst experience.
  • Document and develop new processes related to security monitoring procedures.
  • Deliver customer service that consistently exceeds customer expectations.
  • Initiate escalation procedures to counteract potential threats, vulnerabilities, and threat actors.
  • Compile, review, and publish service-focused reports.
  • Serve as an escalation point for all members of the Cyber Monitoring team, offering assistance and mentorship as necessary.
  • Contribute to analyst training programs and continuous improvement initiatives.
  • Actively contribute to the continuous improvement of Security Operations Centre (SOC) procedures and documentation.

Minimum Requirements:

  • Previous experience working in a technical, client facing capacity within a SOC.
  • Minimum 2-4 years of experience within a SOC Senior Analyst role.

Desirable Requirements:

  • Splunk Certified Power User/Advanced Power User
  • CompTIA Certifications (Security+/ Network+/ Linux+)
  • Crest, GIAC or CISSP Certification
  • Degree in related field.
  • Other relevant certifications.

Behaviours:

  • Professionalism: Conduct yourself with professionalism, integrity, and ethical behaviour in all interactions and situations.
  • Proactive: Demonstrate a proactive approach to process improvement and process creation, ensuring conformity to the standards of the MXDR SOC.
  • Collaboration: Work well within a team environment, communicating effectively with colleagues from different departments and sharing insights to improve security posture.
  • Adaptability: Embrace changes in technology and processes, adapting to new challenges and learning quickly in a dynamic security landscape.

Why NCC Group?

At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.

Our colleagues are our greatest asset, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.

We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits;

⏰Flexible working

💸 Financial & Investment

· Pension

· Life Assurance

· Share Save Scheme

· Maternity & Paternity leave

🙋🏾Community & Volunteering Programmes

⚡ Green Car Scheme

🚴 Cycle Scheme

🏥 Healthcare

🏙️ Office Lifestyle

🧑🏻‍🤝‍🧑🏻 Employee Referral Program

🧘🏻 Lifestyle & Wellness

🎓 Learning & Development

👨🏿‍🦽 Diversity & Inclusion

So, what’s next?

If this sounds like the right opportunity for you, then we would love to hear from you! Click on apply to this job to send us your CV and the relevant member of our global talent team will be in touch with you. Alternatively send your details to [email protected] .

About your application

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, please email [email protected]. All personal data is held in accordance with the NCC Group Privacy Policy (candidate-privacy-notice-261023.pdf (nccgroupplc.com)). We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.

Top Skills

Firewall
Ids/Ips
SIEM
The Company
Manchester
2,292 Employees
On-site Workplace

What We Do

We assess, develop and manage cyber threats across our increasingly connected society. We advise global technology, manufacturers, financial institutions, critical national infrastructure providers, retailers and governments on the best way to keep businesses, software and personal data safe.

With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate & respond to the risks they face.

We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security.

Headquartered in Manchester, UK, with over 35 offices across the world, NCC Group employs more than 2,000 people and is a trusted advisor to 15,000 clients worldwide

Similar Jobs

WISE Logo WISE

Machine Learning Scientist - Fraud

Fintech • Mobile • Payments • Software • Financial Services
Hybrid
London, Greater London, England, GBR
6000 Employees

WISE Logo WISE

Data Analyst Lead - Treasury

Fintech • Mobile • Payments • Software • Financial Services
Hybrid
London, Greater London, England, GBR
6000 Employees

WISE Logo WISE

Engineering Lead - Data Governance

Fintech • Mobile • Payments • Software • Financial Services
Hybrid
London, Greater London, England, GBR
6000 Employees

WISE Logo WISE

Senior Data Scientist - Growth and Strategic Finance

Fintech • Mobile • Payments • Software • Financial Services
Hybrid
London, Greater London, England, GBR
6000 Employees

Similar Companies Hiring

8th Light, Inc. Thumbnail
Professional Services • Machine Learning • Healthtech • Design • Consulting • Big Data • Artificial Intelligence
Chicago, IL
130 Employees
Cloudflare Thumbnail
Software • Security • Information Technology • Cybersecurity • Cloud
San Francisco, CA
3900 Employees
Dynatrace Thumbnail
Software • Information Technology • Cloud • Big Data Analytics • Big Data • Automation • Artificial Intelligence
Waltham , MA
4700 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account