Swindon, England, United Kingdom
Accomplished Cyber Security Operations Centre Specialist with 8+ years of experience across enterprise SOCs, managed security services (MSSP), and government-grade environments (MOD). Expert in Splunk- and Sentinel-led detection monitoring and engineering, threat-led monitoring, and complex incident response. Proven track record of optimising security operations by moving beyond simple indicators to detecting sophisticated TTPs using the Pyramid of Pain and MITRE ATT&CK frameworks. A CASP+ and CCNP certified technical leader, adept at mentoring junior analysts and advising C-suite stakeholders on risk-based security improvements.
• Work on a 24/7 shift rota providing a proactive response to 24/7 clients.
• Investigate and resolve assigned helpdesk incidents with speedy fixes, ensuring the ticketing system is fully updated.
• Review and respond to all alarms within agreed SLAs.
• Monitor networks and equipment using applicable software (SolarWinds/PRTG/RMM/FMC etc.), raising incidents as appropriate, investigating and resolving where possible, and engaging the correct resolving teams while owning the incident to resolution.
• Ensure all network alarms and events are acknowledged and appropriately dealt with during shift.
• Write and implement change requests as required, following good practice and company processes.
• Work on a 24/7 shift rota providing a proactive response to 24/7 clients.
• Daily ownership and management of Nettitude SOC customers, including log management, log analysis, event management and alarms using the LogRhythm SIEM tool.
• Review and respond to all alarms within agreed SLAs.
• Ensure each customer's operational health is maintained and any exceptions are dealt with in a timely manner.
• Conduct regular reviews with each customer to ensure all devices are current as required.
• Triage and resolve security alarms and security events using SIEM tools such as LogRhythm and Carbon Black.