Security Operations Centre Analyst

About Integrity360

Integrity360 is the largest independent cybersecurity provider in UK&I, with Security Operations Centers in Dublin & Sofia, employing 310+ employees, of which over 80% are technical. We help our clients proactively identify, protect, detect and respond to threats against the ever-evolving threat landscape. Our security first approach positions security as an enabler and empowers our clients to do business securely.

You would be joining Integrity360 at an immensely exciting time. In June 2021 the company received a strategic investment from August Equity (one of the UK’s most successful mid-market private equity firms). Our intention is to grow Integrity360 into the leading cyber services and solutions provider in Europe. The market for cybersecurity services has never been stronger and is growing at an aggressive rate. Integrity360 is one of the most respected and established service providers in the industry and is well positioned to achieve a market leadership position over the coming years. We believe we have significant opportunities for growth especially over the next 36 months. With the right levels of energy, tenacity and skill, your opportunity for personal success and contribution to our overall aspirations is considerable.

​

Job Role & Responsibilities

In this role you will be expected to perform traffic analysis, intrusion analysis and detection of threats based on system alerts and logs. Additional duties would include the authoring of security procedures. You will be required to monitor third party security related websites, forums, and mailing lists for information regarding new threats and vulnerabilities. The security analyst will verify security events as security incidents; correlate and collate the information; and develop, edit, and deliver security reports to enterprise-level customers. The role requires flexibility and the ability to work extra hours when the business calls for it. A good knowledge of Information Security is required for this role.

Primary Duties/Responsibilities include:

• Review security events to evaluate the risk they present in the context of the environment they are in.
• Analyse logs for anomalies in the environment.
• Perform in-depth investigation on confirmed security incidents.
• Identify, contain and eradicate threats in the environment.
• Perform analysis of malicious code and activity.
• Tuning security toolsets.
• Document complete details and evidence of investigation and providing reports to incident stakeholders.
• Responsible for generating reports to the partners and stakeholders showing internal threat landscape.
• Document work efforts and update the tool documents that are already in place.
• 24 x 7 on-call support on a rota basis may form part of the role.

​

What you bring to us

The ability to demonstrate a dynamic interest in solving information security issues; analytical ability to break down problems into constituent parts.

Flexibility to handle several information security issues simultaneously.

The ability to communicate well and demonstrate a good understanding of customer issues together with the aptitude to develop a natural empathy with customers in relation to their business requirements.

The ability to work in a team environment and on your own initiative and the desire to work on escalated issues from other team members.

Demonstrate an ability to audit an IT Environment and provide security & process recommendations.

Aptitude for solving problems and acting on own initiative.

Excellent leadership skills.

Highly motivated with a willingness to learn new technologies.

Effective communicator with a positive and confident attitude both written and verbally.

Good written skills with capability to create well formatted, grammatically correct documents.

Fluent English speaker.

A strong team player with a flexible approach.

Can demonstrate consistency in their work attitude.

​

Desired Skills

• Experience working with security event detection tools like IPS, SIEM, DLP, Anti-virus, etc.
• Ability to perform event correlation, host/ network threat analysis.
• Ability to manage multiple incidents and make effective decisions under high pressure environment.
• Experience in performing analysis on network pcaps and documents for malicious activity or codes.
• Conceptual knowledge in Networks and Network Security.
• Understanding of Network infrastructure hardware and protocols (TCP/IP, switches, bridges, routers, proxy servers, VPN concentrators).
• Understanding of Security protocols (IPSec), and encryption technologies (3DES, AES, SHA2, TLS).
• Understanding of basic security principles such as Confidentiality, Availability, Integrity.
• Familiar with security best practices.
• A process of on-going certification for the benefit of the business and for self-development is encouraged .
• Review the adequacy of the security controls and their ability to protect the information system and its information.
• Experience with Splunk is a plus.
• Experience using SIEM & IPS solutions is a plus.
• Strong Microsoft Word & Microsoft Excel skills required.

​

Qualifications

Any of the following accreditations/certification will be highly beneficial:

• Security industry certifications: GSEC, GCIH, GCFA or similar security certifications.
• Ideal candidates will possess a working knowledge of Intrusion Prevention System (IPS), SIEM, SOAR & DLP.
• Experience working with threat hunting tools.