Location: UK

Role Purpose:

The purpose of this role is to provide security analyst expertise and contribute to the success of the Cyber Security Operations Center (CSOC) and is responsible to investigate and validate threats by data analysis (e.g. log file information, telemetry, and firewall data) with the wide range of security tools and defense line products. The role will work with teams within the CSOC to uplift analyst skills and act as an escalation point. Additionally, the role will work with teams across Vodafone Cyber Security globally; for example, to work on incident investigation alongside our CERT and Incident Management teams.

With us you will:

• 
  Work with CSOC Principal Manager/Team/Functional Leads to better security operations and address identified deficiencies.
• Ensure the analytical approach applied by all levels of Security Analysts is thorough, considered, and comprehensive
• Acts as primary technical subject matter expert for security alert investigation
• Create management reports to help analyze and triage problems
• Provide analysis and assistance where appropriate during incident investigation
• Rotate on-call duties for after-hours support

Apply if you have

Must have technical/professional qualifications:

• 
  4 years or above related experience
• Excellent verbal and written communication skills
• Highly disciplined and motivated, able to work independently, under direction, or as a member of a team
• Deep understanding of threat actor techniques and tools

Core competencies, knowledge, and experience: "Required"

• 
  Strong communication skills and experience with working with stakeholders across a large enterprise
• Strong analytical skills around identifying modern offensive techniques
• Experience investigating computer network intrusions in an enterprise
• Experience with SIEM technologies, to find and identify suspect events in large telemetry sets
• Experience with investigating intrusions in Linux and cloud environments
• Knowledge of network infrastructure, including routers, switches, and firewalls.
• Strong technical knowledge of mainstream operating systems and a wide range of security technologies from network sensors to endpoint protection suites.

Demonstrable experience in critical thinking and data or logical analysis.

Knowledge of;

• Typical security devices such as firewalls, Intrusion detection systems, anti-virus, anti-spam,
• Cyber threat concepts e.g. cyber kill chain, attack methods, threat actors.
• Cloud systems and Windows and Linux OS.