Passion. Intelligence. Fun. Responsible: these are the core values which define Softcat. We are one of the UK’s leading IT infrastructure providers and a FTSE 250 listed company. The business is based on two key principles: outstanding customer service and employee satisfaction, both of which inspire our flexible, friendly approach to business.
About the team
The Softcat SIEM team provides our customers with cyber security monitoring, analysis, assessment and remediation. It is our job to help our customers understand the many types of security threats targeting their infrastructure and to offer expert advice on how to mitigate these threats in real time. At Softcat we understand that every customer is different, and within our SIEM Managed Service team we provide threat hunting that is specifically tailored to each individual client’s unique environment. The work is fast moving and ever-changing, just like the threats themselves, and no two days are alike.
You will support security threat monitoring, detection, event analysis and incident reporting within our 24/7 Security Operations Centre environment. Working on a shift rota, you will monitor customer networks and systems, detect events, analyse alarms and report on threats, resolving or escalating as required. The role requires analysing events to distinguish legitimate security incidents from non-incidents and false positives. You will be expected to collaborate with customers and the Softcat team to develop metrics based on current awareness and threat monitoring.
Basic salary: £27,000
- Previous experience in a technical or security role. Those working in a SOC and/or security incident response would be advantageous
- You’ll be able to effectively multi-task, prioritize work, and handle competing interests
- Strong communication skills both written and oral with ability to articulate technical information to a non-technical audience
- Ability to dynamically assess risks, threats and threat actors for new and existing customers
- ITIL V3 Foundation training / certification (desirable)
- Experience of service management environment (desirable)
- Scripting capability (desirable)
Roles and Responsibilities
- Monitor our SIEM Management tool for suspicious events and anomalous activity
- Validate suspicious events and incidents by using open-source and proprietary intelligence sources
- Document and manage incident cases in our ticket handling system
- Report incidents to customers in line with service definitions, and where appropriate provide guidance on corrective actions
- Work with and support our security engineering team in deploying, troubleshooting and managing the security platform for multiple customers