SOC Analyst (L2)

  • Hybrid
    • Basingstoke, England, United Kingdom
  • SOC

Job description

Nomios' mission is to build a ‘secure and connected’ future. Organisations across Europe depend on us to help secure and connect their digital infrastructures. In support of our continued UK growth, we are seeking a SOC Analyst to join our Security Operations team. This is a fantastic opportunity to work with a broad and diverse set of customers who have entrusted Nomios to deliver their security operations.

As a SOC Analyst, you will be at the forefront of monitoring, investigating and securing our customers' estates using state-of-the-art tooling. This role would suit a junior SOC analyst in an existing security operations function, or someone with an extensive infrastructure and networking background looking to move into cyber security operations.

Your role as Security Operations Centre (SOC) Analyst

You will play a pivotal role within the Nomios SOC. Working closely with our Senior and Lead Analysts, you will have day-to-day responsibility for responding to incidents, ensuring either their swift resolution or escalation to senior resources where required, and helping to maintain and improve best practice and operational efficiency in everything we do.

You will be supported in your role with extensive training through exposure to new technologies and toolsets, alongside dedicated cyber ranges and lab environments, ensuring Nomios delivers the best service to its customers while allowing you to develop your own career.

Key Responsibilities

Build

  • Participate in the development and tuning of security monitoring and detection toolsets.

  • Aid in the maintenance and updating of internal SOC processes and procedures.

  • Assist in the testing and monitoring of newly created detection logic and use cases.

Investigate

  • Monitor security alerts and incidents using a wide range of security tools and technologies.

  • Produce regular reports and updates on customers' security posture.

  • Conduct identification, analysis and qualification of security alerts, escalating internally and externally to customers where required.

  • Effectively follow internal SOC procedures and runbooks for incident investigation.

  • Aid in conducting threat hunting activities as directed.

  • Review vulnerability management reports and provide analyst insight.

Improve

  • Participate in SOC improvement projects (tooling, process, increased SOC coverage).

  • Deliver investigation reports, including continual improvement steps to both internal and external stakeholders.

  • Stay current with the latest cybersecurity trends, threats and upcoming technologies.

Job requirements

We hire results-orientated, smart and high-energy individuals who bring a can-do attitude and a willingness to go the extra mile to deliver exceptional outcomes. You should be organised and rigorous, with excellent analytical skills. Good communication with internal stakeholders is vital, as is the ability to work as part of a dynamic team.

Required technical skills include:

  • Good knowledge of SIEMs, focused on day-to-day usage, navigation, and creation of basic rulesets and dashboards aligned to MITRE ATT&CK.

    Preferred vendors: Microsoft Sentinel, Google Chronicle (Google SecOps)

  • Foundational knowledge of incident response, aligned to MITRE ATT&CK, with a good understanding of the common tactics, tools and techniques attackers use in the wild.

  • Good knowledge of EDR/XDR, including incident investigation and day-to-day usage.

    Preferred vendors: CrowdStrike, Microsoft, Palo Alto, SentinelOne

  • Good knowledge of vulnerability management (VM), including analysis and prioritisation.

    Preferred vendors: Rapid7, Tenable

  • Foundational knowledge of cyber threat intelligence (CTI), including its utilisation within a SOC environment.

Additional requirements include:

  • 2+ years of experience working within a Security Operations Centre (SOC), or a strong and diverse background in infrastructure and networking (3+ years) orientated towards cyber security.

  • Experience with ticket handling toolsets (ServiceNow, Salesforce, Jira) aligned to ITIL best practices.

  • Fluent in English with excellent written and oral communication skills.

  • Eligibility for SC clearance (five years' UK residency) is required; eligibility for DV clearance (ten years' UK residency) is preferred.

  • Ability to use initiative and work independently.

  • Strong team player.

Job Specifics

  • Location: This is a hybrid role, requiring attendance at our Basingstoke office (free hot and cold drinks, breakfast items, snacks, lunches, and regular takeaway Fridays are provided to all staff in the office).

  • Hours: Full-time, Monday-Friday, 9:00am - 5:30pm.

Why would you choose to come and work with us?

We invest in our people. You will get to work in a dynamic, fast-paced environment where you are free to use your initiative in support of our strategic objectives. You will work alongside high calibre sales, technical, and operational experts as part of a supportive, tight-knit team, within which every individual has an important part to play and makes a real difference. Nomios offers a highly competitive salary and commission scheme along with industry-leading benefits.

Ready to make an impact? Apply now!

Nomios is an equal opportunity employer and is committed to creating and sustaining an environment in which everyone is provided with an equal opportunity to grow and develop, and no individual will be unjustly discriminated against. This includes, but is not limited to, discrimination because of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion and belief, sex and sexual orientation.
