Technical | Marlow
Security Intelligence Manager
Competitive Salary plus benefits
Softcat is one of the UK’s leading technology solutions businesses. Thanks to the success and growth of our services, we offer an increasingly broad range of tech careers. There could be a bright future for you if you’re interested in software, networking, analytics or cyber security.
Success. The Softcat way.
Softcat is a £1 billion+ technology solutions business and trusted partner to names like Apple, Microsoft and Adobe. Offering a growing portfolio of services including software licensing, cyber security and IT infrastructure, we give our technical teams the tools and support to make exciting things happen. This is where to achieve more for your career.
Working as part of our Security Intelligence team, you’ll be expected to collaborate with customers and Softcat representatives to develop metrics based on current awareness and threat monitoring, developing and implementing use cases on the SIEM Management tool where appropriate. You will be responsible for monitoring our SIEM management tool for suspicious events and anomalous activity; validating suspicious events and incidents by using open-source and proprietary intelligence sources; and documenting and managing incident cases using our ticket handling system. You will support the security engineering team with deploying, troubleshooting and managing the security platform for multiple customers.
In this role you will support security threat monitoring, detection, event analysis and incident reporting within our 24/7 Operations Centre environment. Operating on a 12-hour shift rota, you will be responsible for monitoring customer networks and systems, detecting events and reporting on all threats that are directed against those systems regardless of their classification level or type, and analysing events to discern those that qualify as legitimate security incidents as opposed to non-incidents or false positives.
What we need from you
- Passionate about Cyber Security
- Possess a working knowledge of network communications and routing protocols (TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS)
- Experience with attack vectors such as Malware, Trojans, Exploit Kits, Ransomware and Phishing techniques advantageous
- Hands-on experience with SIEM platforms (such as AlienVault, Security Analytics, Splunk or ArcSight), firewalls, intrusion detection/prevention systems, proxies, web applications and/or penetration testing
- Experience working in a similar environment such as SOC and performing incident response (experience in a technical security role but not necessarily SOC will also be considered)
- Experience analysing information technology logs and event sources preferred
- Ability to dynamically assess risks, threats & threat actors for new and existing customers
- Strong communication skills, both written and oral, with the ability to translate technical information for a non-technical audience
- A capable individual who can effectively multi-task, prioritize work, and handle competing interests
- Customer focused and proactive in following up on (customer) issues
Passion. Intelligence. Fun. Responsible. These are the core values which define Softcat. We are one of the UK’s leading IT infrastructure providers and a FTSE 250 listed company. The business is based on two key principles: outstanding customer service and employee satisfaction, both of which inspire our flexible, friendly approach to business. For more information about Softcat please visit: www.softcat.com.