Company: Bluefin Resources

Address: Melbourne, VIC
Form of work: Full-time
Salary: $160,000-180,000 per year
Category: Accounting & Finance

Job description

If you're proficient in technologies such as CrowdStrike, Splunk, AWS, and Azure, and thrive in collaborating with engineering teams up to management level, we want to hear from you!

The organisation has a focus on innovation and continuous improvement and strives to create a secure and resilient environment for its customers and employees.

As a principal SOC SME, you will play a crucial role in safeguarding the systems and data against evolving cyber threats. Your responsibilities will include:

  • Act as SOC SME for all relevant projects
  • Assist in identifying and uplifting controls to prevent, detect and respond to security incidents
  • Develop Splunk-based detections for attacker TTPs and security alerts, along with playbooks for triage and response
  • Maintain a future view of the critical systems to monitor and ensure adequate logs are collected to support a pipeline of detection development
  • Work closely with Threat Management to understand IoCs collected from threat intelligence
  • Work closely with Security Engineering to design meaningful alerts based on IoCs
  • Assist in identifying potential trends in events, alerts and incidents.
  • Provide input into Incident Handling documentation, including processes and playbooks, and ensure they are adopted across the organisation
  • Participate in PIRs
  • Drive efficiencies through process improvement, automation and tooling
  • Encourage continual innovation to increase visibility and reduce incident identification time
  • Collect and maintain detection metrics on a regular basis
Requirements:
  • At least 6+ years of SOC and Security experience
  • Must have solid experience working in a Principal or Lead capacity
  • Proven experience with tools such as CrowdStrike, Splunk, AWS, and Azure.
  • Proven experience managing significant incidents
  • Strong hands-on experience in SOC operations and all stages of incident response
  • Deep expertise across either incident response or detection engineering plus the ability to work across both
  • Working knowledge of the kill chain methodology
  • Ability to communicate effectively with technical teams and senior management stakeholders.
This is a virtual SOC so open to location. Please apply for immediate consideration. Resumes will be reviewed on application. Alternatively, please call Liz on 0414214325.
Refer code: 1901775. Bluefin Resources - The previous day - 2024-03-30 13:12
