SOC Security Analyst (DV Cleared)

Posted 10/07/2024 by Matchtech

Location:
Corsham, Wiltshire


Our client, a leading entity in the Defence & Security sector, is currently seeking a SOC Security Analyst (DV Cleared) for a contract position as part of the OpNET NSOIT Programme, based in the Corsham SOC. This crucial role involves delivering DCO outcomes across the OpNET platform and ensuring that operational security processes are effectively implemented at every level.



Key Responsibilities:

  • Detecting and responding to malicious behaviour across all platform components, including workstations, servers, and network devices.
  • Optimising threat detection products for data loss prevention (DLP), security information and event management (SIEM), advanced email protection, endpoint detection and response (EDR), antivirus, and intrusion prevention/detection systems.
  • Reviewing and responding to escalated security events.
  • Proactively hunting threats within the OpNET environment.
  • Writing detection signatures, tuning systems/tools, developing automation scripts, and creating correlation rules.
  • Maintaining knowledge of adversary tactics, techniques, and procedures (TTPs).
  • Conducting forensic analysis on systems and engaging third-party resources as required.
  • Ensuring incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.
  • Ensuring compliance with SLAs and KPIs, process adherence, and process improvement to achieve operational objectives.
  • Revising and developing processes to strengthen the DETECT and RESPOND delivery.
  • Initiating corrective actions where required.
  • Managing daily administration and maintenance of security devices to achieve operational effectiveness.
  • Creating reports, dashboards, and metrics for SOC operations and presenting them to OpNET CISO and Security Working Group (SWG).
  • Coordinating with stakeholders, building and maintaining positive working relationships, and ensuring outputs are aligned.
  • Conducting routine governance and compliance audits and accreditation activities.


Job Requirements:

  • Hold current DV clearance.
  • Strong hands-on experience with a variety of SIEM and SOAR platforms (including Splunk, ELK, Elastic, Security Onion v2).
  • Experience with a variety of scanning tools (e.g., Nessus, Greenbone, Nipper, BMC Discovery, McAfee ePO, Tanium, Tripwire, WhatsUp Gold).
  • Experience in forensics, malware analysis, and threat intelligence.
  • Ability to understand, modify, and create threat detection rules within a SIEM.
  • Ability to correlate data from multiple data sources to create a more accurate picture of cyber threats and vulnerabilities.


Desirable Qualifications:

  • CompTIA A+.
  • CompTIA Security+.
  • CompTIA CySA+.
  • CompTIA PenTest+.
  • MCSE.
  • SANS 504 - Incident Handling.
  • SANS 503 - Intrusion Analyst.
  • SANS 511 - Continuous Monitoring.


If you are a skilled SOC Security Analyst with the required DV clearance, experience, and a keen eye for detail within the Defence & Security sector, we encourage you to apply now and be a crucial part of our client's team in Corsham.

Type:
Contract
Start Date:
01/08/2024
Contract Length:
12 Months
Job Reference:
574046_1720599972
Job ID:
221976318
Applications:
Less than 10

Remember: You should never send money to a prospective employer or disclose any financial information. Should you encounter any job listings requesting payments or financial details, please reach out to us immediately. For further guidance, visit jobsaware.co.uk.
