L3 SOC Analyst - Microsoft MxDR

Client Server • Ab Initio Expert • Acting • Accounts Assistant Credit Control • Light Bus And Heavy Bus • Domain Name System

Client Server • Ab Initio Expert • Acting • Accounts Assistant Credit Control • Light Bus And Heavy Bus • Domain Name System

Job Title: L3 SOC Analyst

Location: London (hybrid)

Salary:

Benefits: to be discussed

DWH Recruitment is representing a global accounting and business advisory firm in search for a L3 SOC Analyst to join their Digital Risk Advisory Services.

Theyre a dynamic team of internal auditors accountants technology and business transformation experts with disciplines in finance risk projects and change cyber and digital amongst others.

The team helps clients manage their businesscritical threats such as cyber events and build resilient businesses capable of responding to internal and external events which may interrupt their operations.

Their Digital Advisory business has been experiencing double digit growth consistently for the past three years.

This role involves supporting the delivery of managed detection and response (MDR) services through our clients Digitals global 24/7 MDR capability.

Responsibilities

• Respond to alerts raised by L1/L2 analysts as the technical escalation point
  
• QA of investigations and notification and direct L1/L2 accordingly
  
• Perform detailed analysis and undertake an indepth investigation into potential and confirmed security incidents
  
• Raise incidents where necessary and supporting the SOC manager throughout true positive incidents
  
• Conduct threat hunting across client environments
  
• Conduct investigations in support of incidents or key client requests
  
• Review and action alerts flagged as tuning candidates
  
• Lead the overall technical delivery of new SOC/MDR projects being onboarded into the service.
  
• Respond to SOC/MDR client s requests concerns and suggestions
  
• Onboard log sources and work on any potential log issues.
  
• Finetune the SIEM/EDR platforms to exclude noise and false positives
  
• Analyse define and manage the delivery of new monitoring rules
  
• Conduct use case testing and modify/create as and when required
  
• Support UK operations manager in client engagements and/or service meetings
  
• Support and develop new SOC playbooks and processes
  
• Conduct presentations and updates to the client
  
• Respond to incident escalations and provide solid recommendations
  
• Conduct threat hunting exercises on SIEM and EDR platforms
  
• Develop and improve processes for monitoring and incident qualification
  

Requirements:

Essential:

• 5 years experience as a SOC Analyst
  
• Experience onboarding tuning reporting and configuring SIEM solutions
  
• Indepth experience with Microsoft Sentinel including use case and rule development workbook/playbook creation KQL logic apps/SOAR.
  
• Understanding of lowlevel concepts including operating systems and networking.
  
• Understanding of one or more system administration (Linux Windows Mac)
  
• Actionable knowledge of MITRE ATT&CK framework.
  
• Excellent interpersonal skills with the ability to explain technical problems to nontechnical business stakeholders at all levels
  
• Training and coaching skills to support more junior team members
  

Qualifications

• Experience with various Microsoft technologies including Microsoft Defender for Endpoint Identity and Cloud.
  
• Related Microsoft Certifications (SC200 AZ900)
  
• Cyber Security Certifications such as CISSP Security CySA
  

Full right to work CISSP Security+ CySA + MITRE ATT&CK SIEM solutions Microsoft Sentinel SOC Analyst it security operations Microsoft Certifications Microsoft technologies