The Team

The Security Operations and Response Department Identifies, detects and investigates security threats affecting corporate and customer platforms gathered from disparate sources, including from cyber threat sensors and threat intelligence data.
The team will Implement containment, eradication, recovery, forensic and post incident measures commensurate with the threat to business operations and will coordinate and escalate response partners as appropriate.

REQUIRED SKILLS AND EXPERIENCE

• 3 Years+ Infra/Network/Security experience
• 2 Years+ SOC Analyst experience
• Understanding of Cyber Security Principles
• Understanding of SIEM
• Experience of, DLP, WAF, IPS, Web Proxy techs
• Experience of threat hunting
• Ability to obtain & hold security clearance

Some of the key responsibilities will include but not be limited to:

Work as part of a 24*7 SOC Shift team.

• Develop and maintain incident response playbooks for common threat and incident types, ensuring that colleagues are formally kept aware of any changes.
• Triage and manage Security Events and Incidents reported by both internal and external sources through their lifecycle, from identification through to mitigation, within defined SLA's.
• Support Security Incident Managers and other members of the Security team in the handling of major Security Incidents.
• Proactively hunting for threats through analysis and correlation of event and flow data from a variety of sources.
• Engage and escalate Security Incidents to TalkTalk resolver groups and third parties as appropriate.
• Identify and drive continual monitoring and response improvements, including use case, content and playbooks, that will lead to a reduction in Mean Time To Detect (MTTD) and Mean Time to Respond (MTTR) metrics.
• Perform root cause analysis of P3 & P4 incidents and drive resolution of contributing factors with Resolver groups and Business Stakeholders.
• Manage, monitor and maintain Security Operations managed Security Controls such as SIEM, DLP, SWG and WAF appliances.
• Handle incoming Security Service Requests & Queries on behalf of the wider Security team
• Ensure that personal and colleague Information Security knowledge is always current and up to date with latest threats and mitigation actions.
• Contribute to Daily Security Incident calls.
• Produce and deliver daily and weekly metrics and reports. 

Be great to also have the following experience:

• Relevant security qualification or degree
• Responsibility for managing security technologies
• Working in a Network Support function

As a recognised Top 50 Inclusive Employer in the UK, we know that diversity means success and innovation. We want our workplace to reflect the communities and customer we serve. Being inclusive is part of our DNA; we are all 100% human, and we create a culture where you can truly be yourself.

We’re also not your usual 9-5. We are a dynamic workplace and we want to talk to you about how you like to work.