Principal SOC Security Analyst

Role Overview

Tesserent is seeking an experienced and highly skilled Principal SOC Security Analyst to play a critical role in delivering managed security services from our Security Operations Centre (SOC).

The successful candidate will have a strong background in cybersecurity and SOC operations, as well as a proven track record of technically coaching and developing teams. As a Principal SOC Security Analyst you will work closely with the SOC management team to maintain adherence to SLAs, ensure a high standard of technical delivery of services, and assist with the professional growth of the team.

Accountabilities

• Analyse security data, including logs, network traffic, and threat intelligence, to identify patterns, trends, and anomalies indicative of potential security incidents or threats
• Conduct advanced threat hunting activities, proactively searching for signs of compromise, hidden threats, and potential vulnerabilities within client’s environment
• Assist with the design, implementation, and fine-tuning of security analytic and correlation rules, alerts, and dashboards in the SIEM and other security tools to enhance the SOC team's visibility and response to emerging threats
• Collaborate with the SOC team to investigate and respond to security incidents, providing Subject Matter Expert (SME) guidance on the analysis and interpretation of security data
• Conduct research on emerging threats, attack vectors, and vulnerabilities, sharing findings with the SOC team and using this information to inform the development of new security analytics techniques and strategies
• Conduct thorough handovers of security incidents to the Digital Forensics and Incident Response (DFIR) team
• Assist DFIR team with monitoring and investigation of security incidents on an as needed basis
• Collating data to write and review customer reports, including post incident reports, to a high standard
• Collaborate with the SOC Analytics Manager to drive the technical direction of the SOC, ensuring the implementation of best practices, processes, and technologies to enhance the team's efficiency and effectiveness
• Monitor and maintain adherence to SLAs, ensuring the timely and accurate detection, analysis, and response to security incidents and threats
• Assist with the coaching and development of the SOC team, providing guidance, mentorship, and support to enhance their technical and analytical skills
• Assist in the development and implementation of SOC policies, procedures, and standards, ensuring alignment with the organisation's security strategy and goals
• Collaborate with other SOC and security leaders to share knowledge, insights, and best practices, fostering a culture of continuous improvement and innovation
• Identify opportunities for process improvement and automation, recommending and implementing solutions to streamline SOC operations

Technical Skills

• Self-starter with a strong sense of ownership and the ability to work independently or collaboratively as needed
• Demonstrated capacity to multitask and manage competing priorities effectively
• Excellent communication, presentation, and interpersonal skills, with the ability to effectively convey complex security concepts to both technical and non-technical audiences
• Detail-oriented with a strong commitment to documentation, process improvement, and knowledge sharing
• Strong problem-solving and decision-making skills, with the ability to work under pressure
• Ability to develop and deliver training or speaking material for public and private events