Senior SOC Analyst

Cybersecurity Hayes, Greater London


Description

Rackspace are always strengthening – day to day and team to team, we are always improving.

Our Enterprise Security Team are no different and we are looking to grow the UK with a SOC Analyst/Cyber Security Analyst. This position will see you join a global team and be involved in making sure Rackspace and it's customers stay protected.

The current team have a genuine passion for their jobs and sense of achievement is felt on a daily basis with collaboration and sharing ideas as well as best practices.

Above anything else, we are looking for people who are passionate about Security and are happy to learn new things with an open mind.

For this position, your responsibilities will include;

  • Supervise monitoring of security events and alerts received from security tools across the rackspace estate 
  • Manage end user reported incidents.
  • Responsible for the first line of security incident response 
  • Proactively hunting for suspicious activity based on anomalous activity.
  • Serve as the technical escalation point and mentori for lower-leverl analysts
  • Serve as the technical escalation point and mentor for lower-level analysts.
  • Report potential and actual security violations and provide recommendations.
  • Communicate directly with end users and asset owners.
  • Perform in-depth analysis of log files, systems, and network traffic.
  • Maintain a strong awareness of the current threat landscape.
  • Create knowledge base articles for handling severity incidents.

Some of the other things you will be involved with are;

  • Strong knowledge and understanding of network protocols and devices.
  • Experience in intrusion analysis and incident response.
  • Experience with Mac OS, Windows, and Unix systems.
  • Demonstrable problem solving, analytical skills and attention to detail.
  • Packet and log analysis.
  • Ability to handle high pressure situations in a productive and professional manner.
  • Provide incident investigation, handling, and responses to include incident documentation.
  • Provide tuning recommendations for security tools 

In order to be successful in this position, you should possess the following;

  • Demonstratable background in a Security Operations Centre (SOC) ideal.
  • Experience with SIEM tools (i.e. Arcsight, Splunk, QRadar) Sourcefire, FireEye, FirePower, Snort or equivalent tools
  • CISSP, Security+, Network+, CEH, RHCSA, RHCE, MCSA, MCP, or MCSE preferred
  • Experience with SIEM tools (i.e. Arcsight, Splunk, QRadar), Sourcefire, FireEye, FirePower, Snort or equivalent tools.
  • Strong OS and/or network system administration skills. Experience with reviewing raw log files, data correlation, and analysis (ie. System logs, netflow, firewall, IDS, IPS).
  • Data Loss Prevention/DLP experience is valuable.
  • Anti-Virus, Network Access Control, Encryption, Vulnerability Identification
#LI-ER1  

About Rackspace
We accelerate the value of the cloud during every phase of digital transformation. By managing apps, data, security and multiple clouds, we are the best choice to help customers get to the cloud, innovate with new technologies and maximize their IT investments. We have been honored by Fortune, Forbes, Glassdoor and others as one of the best places to work. Join us on our mission to build the world’s best technology services company.

More on Rackspace
Rackers aren’t all alike. We look different. We think uniquely. We are from many places and our beliefs & backgrounds vary. But, being a Racker — a valued member of a winning team on an inspiring mission – is what connects us all. Rackers are encouraged to bring their whole self to work every day, as we know that unique perspectives fuel innovation and enable us to best serve our customers & communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.