SecOps and SOC Analyst

Help us use technology to make a big green dent in the universe!
Kraken powers some of the most innovative global developments in energy.
We’re a technology company focused on creating a smart, sustainable energy system. From optimising renewable generation, creating a more intelligent grid and enabling utilities to provide excellent customer experiences, our operating system for energy is transforming the industry around the world in a way that benefits everyone.
It’s a really exciting time in energy. Help us make a real impact on shaping a better, more sustainable future.
What we doBuild the most AI-driven, innovative, forward-thinking platform for energy management. From optimizing resources to delivering cost-effective, exceptional customer experiences through advanced Customer Information Systems (CIS), billing, meter data management, CRM, and AI-driven communications, Kraken is powering the next wave of innovation in the energy industry. We're an innovative and customer-focussed company, helping to drag the utilities industry into the 21st century.
Why we do itFuture energy will not look like energy as we know it today. We need to not just think about our future, but build for it. Now.
About the teamWe are seeking a Security Operations Analyst that will become a member of a growing global Security Team in Kraken Technologies. You’ll play a crucial role in helping to ensure that we continue to protect Kraken and our Clients by analysing and responding to security incidents. This is a critical position that is a full-time member of a team approaching security in a way which is able to move at the pace of Kraken.

What you'll do

• Working as part of a Global Security Operations team and Security Operations Center (SOC)  

You will be responsible for:
• Monitoring, triaging, and investigation of security incidents on Kraken’s infrastructure and Client instances
• Responding to alerts generated by our Security Information and Event Management (SIEM) system
• Automating and continuously expanding the detection capabilities 
• Analysing application, Cloud and access logs and events to identify potential security threats and vulnerabilities and coding this analysis for future playbooks 
• Identifying where escalation of incidents, or notification to third parties may be required
• Providing incident response support working with our engineering and product teams where necessary
• Maintaining, improving and automating incident response processes and playbooks, to continually improve the team's capabilities
• Preparing reports and incident summaries, as well as reviewing and improving the content and presentation of reports produced by the team
• Maintaining and updating security incident documentation including analysis findings and recommended mitigation strategies, automating wherever possible
• Liaising with stakeholders in relation to incident root cause and providing remediation/improvement recommendations

This role requires participation in a roster covering weekends and public holidays, in co-ordination with other team members globally, in order to deliver a 24x7 operations capability. 
This is a critical role in a growing, global team. You’ll have the opportunity to get involved in exciting and innovative security-related initiatives and we encourage you to take on new challenges that align with your skills and interests, collaborating with other teams to drive improvements in security across our entire organisation. 

What you'll have

• A strong Security Operations and technology background
• Experience in using SIEM platforms to analyse and respond to security alerts
• Familiarity with EDR (Endpoint Detection and Response) tools and their capabilities, including host containment and evidence preservation
• Knowledge of best practices for analysing incidents and logs in a cloud environment
• An understanding of how different mitigation strategies can contain and respond to security events
• An understanding of Cloud and software architectures 
• Strong analytical and problem-solving skills, with the ability to identify, triage and mitigate incidents
• Ability to clearly communicate and document incident activities
• A passion for security, a drive to improve security alerting and response processes by harnessing technology and automation 
• Good experience in at least some of the areas mentioned above (we’re not expecting any candidate to be an expert in all areas)

What will help
• Experience working in a SOC or CERT that monitors multiple client infrastructure/instances 
• Experience with AWS environments including AWS security monitoring, logging (e.g., CloudTrail, GuardDuty)
• Relevant certifications or qualifications related to Security Operations
• Basic scripting or automation skills using SOAR tooling to optimise tasks and develop security automation workflows

If this sounds like you then we'd love to hear from you.
Studies have shown that some groups of people, like women, are less likely to apply to a role unless they meet 100% of the job requirements. Whoever you are, if you like one of our jobs, we encourage you to apply as you might just be the candidate we hire. Across Octopus, we're looking for genuinely decent people who are honest and empathetic. Our people are our strongest asset and the unique skills and perspectives people bring to the team are the driving force of our success. As an equal opportunity employer, we do not discriminate on the basis of any protected attribute. Our commitment is to provide equal opportunities, an inclusive work environment, and fairness for everyone.