Job Description
About the Team
The Virgin Media O2 UK Security Operations Centre (SOC) acts as the centre of excellence for the monitoring and management of any event that may impact the security of VMO2 UK’s internal systems and information environments.
About the Role
- The SOC Support Analyst vacancy is for a shift-based SOC Team (days, nights, weekends) that monitors and responds to any identified event of interest from the security monitoring platforms in place across the information environment.
- Once reported, any event or incident is investigated according to internal policies, processes and procedures and escalated where necessary.
- This role exists due to a member of staff being promoted within the business.
Key Responsibilities
From shift to shift, the role will have the following key responsibilities:
- Monitoring for events across multiple security technologies, including intruder detection systems, malware detection, file integrity systems, SIEM toolsets, phishing, smishing and others
- Initial assessment of alerts of interest
- Assigning incident tickets to a resolved state and/or assigning them to queues according to the resolution procedure
- Recording observations in the incident ticket
- Providing feedback to rule definers to improve the effectiveness of filters and rules used in the automated creation and population of incident tickets
- Providing input as requested for Security, Risk, Compliance and Service reporting
Everything else:
- Assist with maintenance of SOC documentation
- Support Compliance Programme activities as requested.
- Receiving and acting on calls, emails, alerts, etc. relating to security events and possible security incidents
What We Need from You
- A natural leaning towards curiosity and deep-diving into the detail
- Ability to stay focused and consider security in all tasks
- High standard of accuracy
- Desire to learn and embrace self-learning and self-development
- We are interested if you: have run your own labs, have an interest in Security Monitoring processes, like the idea of Red Teaming in the future or want to develop into engineering.
Ideal skills and experience we are looking for:
- Knowledge of SIEM, Analytics and Incident Management toolsets.
- Some network management experience, with technical knowledge of networks and networking protocols in use (including TCP/IP, port usage, UDP packets and payload analysis)
- Experience of ISO 27001, ITIL or ISO 20000, ISO 22301 and relevant CESG GPGs
- Knowledge of Intrusion Detection Systems (IDS) / Intrusion Prevention Systems (IPS)
- An understanding of cryptography and related concepts and principles (e.g., encryption algorithms, hash functions, and certification authorities)
Job ID: 104429