Level 2 Security Analyst
Peterborough, England, United Kingdom
Charterhouse
We are a Systems Integrator delivering solutions that enable your organisation to securely connect and collaborate. The purpose of the Level 2 Security Analyst role within Symity Pentesec’s SOC is to uphold and advance our commitment to technical excellence and innovation in network and cyber security. This role is crucial in maintaining the high standards of service that our clients have come to expect. The Level 2 Security Analyst is responsible for the meticulous monitoring, analysis, and response to security events and incidents, ensuring that every action taken not only meets but exceeds our service level agreements (SLAs).
Their work is integral to both the internal strength of our operations and the external trust our customers place in us. By performing thorough threat analyses and vulnerability assessments, the Level 2 Security Analyst plays a pivotal role in identifying and mitigating potential security risks, thereby safeguarding our clients' digital assets. This role demands a blend of technical acumen, a proactive approach to problem-solving, and a relentless pursuit of excellence. The analyst's dedication to refining incident response plans, engaging in continuous professional development, and contributing to service improvements is essential in fortifying our position as an industry leader.
Excellence in this role means not only addressing immediate security concerns but also driving long-term improvements and innovations that benefit both Symity Pentesec and our diverse customer base. The Level 2 Security Analyst embodies our values of responsibility, passion, and integrity, ensuring that every task is accomplished with the utmost precision and care. Their efforts help shape the future of our SOC services, fostering an environment where cutting-edge security measures and exceptional customer service go hand in hand.
Duties and Responsibilities
- Monitor and analyse security events and incidents within the SOC, ensuring timely detection and response in line with our customer-facing SLAs.
- Perform threat analysis and vulnerability assessments to identify potential security risks and implement mitigation strategies for our customers.
- Collaborate with other team members to develop and refine incident response plans and playbooks.
- Engage in continuous learning and professional development to stay current with evolving cyber threats and security technologies.
- Review monitoring output and alerts, accurately identifying known behaviour, false alerts, and incidents for investigation and resolution. Ensure that all false positives and errors are tuned out to keep the team efficient.
- Perform root cause analysis (RCA) for high-priority incidents and identified problems/trends to reduce the risk of repeat incidents.
- Provide technical input to develop Knowledge Articles, optimise processes and improve resolution time.
- Suggest Service Improvements. You will have influence in enhancing how the future of SOC Service is delivered.
- Manage your own time effectively and efficiently, ensuring expectations are managed and communicated with clients and the internal team.
- Proactively keep others informed of your progress and escalate challenges or delays in a timely and professional manner.
- Where required, support new technology service/solution acceptance into support.
- Build and develop strong relationships between Symity Pentesec, our partners and our clients.
- Be available to provide expert advice, recommendations and guidance on systems and products supported by the SOC to colleagues.
- Attend regular incident reviews looking at the status of open tickets with other engineers, regular 1-2-1 meetings with line manager and team and client meetings.
- Work with Consultancy and delivery teams to ensure the smooth onboarding of new customers into the SOC.
- Share learnt knowledge within the SOC team and bring SOC knowledge into the wider Sales and Professional Services teams to help with alignment, awareness and collaboration.
- Participate in the overnight on-call rota, providing 24/7 coverage for critical incident response and escalation.
- Work within the designated shift patterns: earlies (8am-4:30pm), standard (8:30am-5pm), and lates (8:30am-6pm) to ensure continuous SOC operations.
- Flexibility from time to time to meet the needs of critical incident resolutions and update tasks.
- Be available to work from the Peterborough based SOC 2 days per week to support in-person events, team building and collaboration.
Requirements
The successful candidate must have a minimum of two years’ experience working within a managed security / SOC setting and be able to demonstrate all of the following required knowledge, skills and experience.
Technical Skills
- Network Security – Understanding of network architecture, firewalls, VPNs, IDS/IPS, and other network security measures.
- Incident Response – Proficiency in detecting, analysing, and responding to security incidents.
- Threat Analysis – Ability to identify and assess cyber threats and vulnerabilities.
- Vulnerability Management – Experience with vulnerability management and reporting solutions: assessing customer vulnerabilities, creating regular reporting packs, devising mitigation strategies and working with customers to support their implementation of these plans.
- Security Information and Event Management (SIEM) – Experience with SIEM tools for monitoring and analysing security events.
- Malware Analysis – Skills in identifying, dissecting and mitigating malware threats.
- Forensic Analysis – Knowledge of digital forensics to investigate and remediate security breaches.
- Encryption Techniques – Familiarity with encryption standards and methods to protect sensitive data.
- Endpoint Security – Expertise in securing endpoints such as computers, mobile devices, and servers.
Analytical Skills
- Problem-Solving – Strong ability to diagnose and resolve security issues efficiently.
- Attention to Detail – Keen eye for identifying subtle anomalies and potential security threats.
- Data Analysis – Proficiency in interpreting and correlating data from various sources to identify patterns and trends.
- Risk Assessment – Ability to evaluate and prioritize risks to develop effective mitigation strategies.
Communication Skills
- Report Writing – Capability to document security incidents, analysis results and recommendations clearly and concisely.
- Team Collaboration – Strong interpersonal skills to work effectively with internal teams and third-party vendors.
- Client Communication – Ability to explain technical concepts and security measures to non-technical clients.
- Presentation Skills – Experience in delivering findings and recommendations to stakeholders in an engaging manner.
Soft Skills
- Adaptability – Willingness to stay updated with the latest security trends and technologies.
- Diligence – Excellent attention to detail, including high-quality notes and updates on incidents and clear, suitable language for clients.
- Time Management – Efficiently managing time and prioritizing tasks in a fast-paced environment, delivering against client SLAs and internal deadlines.
- Integrity – Upholding ethical standards and maintaining confidentiality of sensitive information.
- Continuous Learning – Commitment to ongoing education and certification in the field of cybersecurity.
Desired Knowledge, Skills and Experience
Candidates who can demonstrate the following desired knowledge, skills, and experience, in addition to the required skills listed above, will be considered favourably.
Technical Skills (Preferred)
- Experience building analytic queries using Kusto Query Language (KQL) or similar
- Rapid7 SIEM (IDR) and vulnerability management (IVM) tooling
- SentinelOne EDR experience
- Microsoft Defender XDR / Purview
- Microsoft Sentinel SIEM
Certifications (Preferred)
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- CompTIA Security+
- Certified Incident Handler (GCIH)
- Certified Information Security Manager (CISM)
Benefits
Join us, and your benefits and perks will include private healthcare, Medicash cashback, life assurance, workplace pension, cycle to work scheme, access to our employee assistance programme, a volunteering day, 20% EE discount that extends to your family and friends, a birthday gift voucher and day off, plus more.
Charterhouse is where careers happen. We offer a supportive, innovative, stimulating and fast-paced environment where development, reward and recognition are available to everyone, and anything is possible. As you transform our clients’ approach to technology, we’ll help you transform your career through progression, reward, development and recognition.