L2 SOC Analyst

Benefits include Private Medical, Pension, 25 days annual leave, Gym Membership, Cycle to Work Scheme, and Employee Assistance Programme.

Working Hours: Between 0700 - 2200 (rotated shift)

Dress Code: Smart casual

The L2 Analyst is responsible for proactively monitoring and triaging operational alerts, ensuring timely investigation and resolution of incidents, and maintaining service stability. Acting as an L2 analyst, the role provides day-to-day operational oversight, coordinates analyst activities, and serves as the escalation point for complex issues.

Role Responsibilities:

• Proactive monitoring and response of known and or emerging threats against the network.
• Gathering information about high-value assets, threat landscape, and breach exposure from a myriad array of sources.
• Conducting detailed & comprehensive investigation and triage on a wide variety of security events, and implement remediation processes.
• Overseeing shift operations including managing analyst breaks and handling escalations.
• Performing complex data analysis in support of security event management.
• Participation in Incident Response that includes root cause and lessons learned.
• Collaborating with Level 3 analysts, incident responders, engineering team, and customer’s security teams to coordinate incident response and remediation efforts.
• Identifying opportunities to improve process and/or tools to ensure highest level of quality, including documentation and training sessions.
• Mentoring and supporting junior analysts.
• Participating in shifts, on-call and after hours support of incident management.
• Managing shift resources and activities, supervising, monitoring, mentoring and acting as escalation point for L1s, driving shift metrics and managing shift handovers.
• Performing binary analysis on suspicious files.
• Participation in the development of new SIEM rules and analytics.
• Conducting security research and intelligence gathering in regards to emerging threats and exploits.
• Participating in Customer projects.
• Completing monthly reports and handling monthly client meetings.

Skills, Knowledge & Experience:

• Security/Network operations or engineering, Administration on Unix, Linux, or Windows.
• Proven experience with common security operations systems, Intrusion Detection Systems (IDS/IPS), Security Incident Event Management systems (SIEM), anti-virus log collection systems, vulnerability management, etc.
• Demonstrated experience with a wide variety of security logs to detect and resolve security issues.
• Strong problem resolution, judgment and decision making skills.
• Proactive and cooperative relationships exist within own team and other individuals/groups that interface with the team.
• Familiarity with current legal and regulatory requirements around information security and privacy, including PCI, SOX, HIPAA, etc.
• Experience with security events, including large-scale breaches, is a must; as is the ability to identify themes and trends out of large datasets.
• CISSP, GCIA, or GCIH certification required.
• BA/BS in Computer Science, Information Security, or related field or three years of equivalent experience.

The Interview Process:

• Screening call: Phone call with our recruitment team to assess your suitability for the role, but also if the role is right for you.
• First interview: Video call over MS Teams with Cyber Operations Manager.
• Second interview: Site based with the Cyber Operations Manager & SOC Team Member.

Equal Opportunities at Acora:

Acora is an equal opportunity employer, committed to providing equal opportunities regardless of race or ethnic origin, gender identity, family situation, sexual orientation, disability, religion or age. We hire our people on the basis of qualifications, merit, skills, and business need. We are a Level 1 Disability Confident Committed Employer and will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive equitable benefits and all privileges of employment. Please contact us to request any reasonable adjustments.