
SOC Analyst (Insider Threat)

Job Description

Job Type: Contract
Off-Payroll Working Regulations (IR35): Outside
Clearance: DV
Duration: 24 months
Location: Nr Heathrow (London)

CND are partnered with a government entity to deliver a Protective Monitoring Auditor to bolster and develop the security posture of critical systems.

The role of the Protective Monitoring Auditor is to understand and identify security event sources, and the events and logs that these generate. The successful candidate will have excellent technical knowledge, particularly in the areas of network event analysis and incident response.

Job Details

Key Responsibilities

  • Act as a technical expert for the toolsets and capabilities required to deliver the Auditing capability.
  • Monitor multiple networks/systems using a range of industry recognised tools.
  • Provide incident reports as required.
  • Work closely with the client on system improvements and change following significant investigations.
  • Provide on the job (skills transfer) training to the end client.
  • Develop process documentation to be handed over.
  • Chair security meetings.

Essential Skills

  • Experience with the following solutions (use cases and dashboards):
    • ArcSight Logger
    • ArcSight ESM (Enterprise Security Manager)
    • LogRhythm (Client Console and Web Console)
  • Previous experience working in a security cleared environment.
  • Confident communicator with technical and non-technical stakeholders.
  • Experience mentoring junior analysts.

Desirable Qualifications

  • Advantageous to have experience with the following:
    • Assuria
    • Corner Bowl
    • WhatsUp Gold
  • Advantageous to have the following qualifications / Certifications:
    • CISSP / SANS GSEC
    • SANS GCIA / SANS GCIH

Candidates must hold valid UK Security Clearance or be able to attain the level of Clearance specified.


Point of Contact

If you have any questions about this role, please get in touch with Matt.