Tier 2 CSOC Analyst

Date: 24-Aug-2021

Location: Malvern, England, GB

Company: QinetiQ

QinetiQ are looking for an experienced Cyber Analyst to join our CSOC based from Malvern. Working as a member of a large and growing team, you will provide defence against cyber-attacks and play a vital role in the monitoring, analysis and management of security events/incidents emanating from client networks and systems. This is a hands-on operational role where you will be deeply involved in day-to-day incidents, using your broad experience to combat threats and resolve incidents in a timely manner.


Responsibilities will include:


  • Day-to-day incident triage and escalation, using contextual and technical threat intelligence
  • Tool and content configuration based on contextual and technical threat intelligence to improve detection and analysis.
  • Guiding, coaching and mentoring analysts who are providing the core SOC functions, including but not limited to, alert triage, incident escalation, content creation etc.
  • Technical liaison between other service lines/capabilities, including threat hunting, incident response and incident investigation
  • Contribute to design and development of defend and respond strategies, tradecraft and playbooks.
  • Contribute to definition of hunting methodologies and approaches, to be used in the identification of cyber threat actors


The successful candidate will have previous experience in a Cyber SOC or equivalent environment, with experience working with a variety of SIEM, EDR, IPS, IDS, firewall and security gateway platforms & technologies. You will be able to demonstrate effective technical leadership in an operational cyber defend security environment, and be able to take responsibility for decision making and progressing incidents/investigations. You will be comfortable working as part of a team, able to listen to and consider all opinions, and then make a decision.


The following desirable knowledge/experience would be useful but not essential:


  • Able to leverage a solid foundation of knowledge on the MITRE ATT&CK framework to understand actor TTPs and how to mitigate them, and keep up-to-date with changes and additions to the framework
  • Knowledge of relevant frameworks such as GPG-13, and CIS 20
  • Knowledge of relevant regulations and legislation such as ISO 27001, GDPR, and the Computer Misuse Act
  • Relevant SANS/GIAC or similar qualifications
  • CREST Registered Intrusion Analyst
  • CompTIA Network+






Why Join QinetiQ?

As we continue to grow into new markets around the world, there’s never been a more exciting time to join QinetiQ. The formula for success is our appetite for innovation and our courage to take on a wide variety of complex challenges. You’ll experience a unique working environment where teams from different backgrounds, disciplines and experience enjoy collaborating widely and openly as we undertake this exciting and rewarding journey. Through effective teamwork, and pulling together, you’ll get to experience what happens when we all share different perspectives, blend disciplines, and link technologies; constantly discovering new ways of solving complex problems in a diverse and inclusive environment where you can be authentic, feel valued and realise your full potential.

Joining QinetiQ offers you an opportunity to work on a broad range of interesting defence-based projects with vast career progression across a global organisation, in addition to competitive personal and professional benefits. You’ll receive a highly competitive salary and benefits package: our basic salaries are very attractive as we constantly review what’s happening in the market. The range of benefits that we offer includes flexible working, generous holiday entitlements, Health Cash Plan, Private Medical Insurance and Dental Insurance and much more.


About QinetiQ:

As a company of over 6,000 dedicated professionals, we are a world-centre of excellence in research and development and act as a catalyst for fast-track innovation, offering outstanding experimentation facilities, and technical, engineering and scientific expertise. QinetiQ is made up of dedicated experts in defence, aerospace, security and related markets, all working together to explore new ways of protecting what matters most. Being part of QinetiQ means being central to the safety and security of the world around us. Partnering with our customers, we help to save lives; reduce risks to society; and maintain the global infrastructure on which we all depend. Come and find out how you can play a role.