Data flowing across a circuit board in a server

Senior SOC Analyst

Posted on 15 December 2020

About the role

Kroll’s Cyber Risk team works on over 2,000 cases a year, including some of the most complex and highest profile matters in the world. With experts based around the world, supported by ground-breaking technology, we help protect our client’s data, people, operations and reputation with innovative assessments, investigations and intelligence. We are the only company in the world with the expertise and resources to deliver global, end-to-end cyber risk management, supporting organizations through every step of their journey toward cyber resilience.

Clients count on us for quick and expert support in the event of and in preparation against a cyber incident; from incident response to risk assessments, and complex forensics to breach notification and ID theft remediation we help clients – of all sizes – respond with confidence.

This Senior Analyst role will be an integral member of the Threat Hunting and Incident Response leadership for the Security Operation Centre. They will help identify, implement and document appropriate methodologies and provide instruction to more junior members of the SOC team in delivering these areas to customers.

At Kroll, your work will help deliver clarity to our clients’ most complex governance, risk, and transparency challenges. Apply now to join One team, One Kroll.

Duties and Responsibilities

Carry out in-depth investigation on security events, raise incidents and support the Incident Management process.
Provide remote incident response activities and advice to support customers during and immediately after security incidents.
Respond to system generated alerts, analyse logs and traffic patterns.
Maintain and improve SIEM correlation rules and Endpoint Protection detections.
Supporting multiple customer environments concurrently.
Provide analysis and trending of security log data and network traffic.
Generate customer facing security reports.
Integrate and share information with other analysts and other teams.
Other duties as assigned.

About you

Requirements

A passion for security and enjoys solving problems.
Experience working with SIEM and EDR systems.
Good knowledge of Cyber Security Incident Response processes & procedures.
Excellent knowledge on the fundamentals of Windows and Unix systems.
Good understanding of host forensics, memory forensics and network forensics.
In-depth knowledge of the security threat landscape.
Knowledge of various security methodologies and processes, and technical security solutions.
Knowledge of TCP/IP Protocols, network analysis, and network/security applications.
Knowledge of investigation techniques to determine security incidents.
Ability to multi-task, prioritize, and manage time effectively.
Strong attention to detail.
Excellent interpersonal skills and professional demeanor.
Excellent verbal and written communication skills.
Excellent customer service skills.
Industry standard certifications such as: CREST CRT, CREST CCT, OSCP, GCFA, GNFA, GREM.
3+ years’ or more of experience as a Cyber Security Analyst or equivalent.
Bachelor's degree in related field or equivalent experience and knowledge
Prior experience actively using endpoint threat detection and response (EDR) products to investigate threats such as VMWare Carbon Black, Windows Defender ATP, CrowdStrike Falcon, Sentinel One, Trend Micro XDR, Tanium, or others.

Apply here

Technical
London

About Redscan

Kroll is the world’s premier provider of services and digital products related to valuation, governance, risk and transparency. We are an independent advisory firm with nearly 5,000 professionals in 30 countries and territories around the world.

Redscan, the award-winning cyber security services provider, is now part of Kroll’s Cyber Risk practice. We work on over 3,000 cases a year, including some of the most complex and highest profile matters in the world. With experts based around the world, supported by ground-breaking technology, we help protect our client’s data, people, operations and reputation with innovative assessments, investigations and intelligence. We are the only company in the world with the expertise and resources to deliver global, end-to-end cyber risk management, supporting organizations through every step of their journey toward cyber resilience.

This is a great opportunity to join an innovative and rapidly expanding team to deliver best-in-class cyber security services. We embrace diverse backgrounds and global perspectives, and we cultivate diversity by respecting, including, and valuing one another. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.

“All of the SOC team undergo rigorous training to enable us to provide the best support and advice to our customers. Each of us loves what we do, which means we go the extra mile with every activity, from helping to tackle malware to forensic analysis.”

Juliette

SOC Team Lead

“At Redscan, everyone has a genuine passion for what they do. If you want to work for an employer that recognises hard work and has a clear vision, not just for your progression, but for the company’s, Redscan is the place for you.”

Juliette Hudson

SOC Team Lead

“I really enjoy collaborating with teams across the business to ensure we support the security needs of our clients as effectively as possible. Redscan offers a friendly and sociable working environment plus excellent training and career opportunities for people interested in making a difference.”

James Oviedo

SOC Shift Lead

“I enjoy the challenge of my role and helping to solve problems to give customers a better service. I like working with experts in the field who are passionate about cyber security and are always willing to get stuck in. Redscan is a company where drive and dedication are rewarded and you can go far by having the right attitude. It is the perfect place to work if you’re driven, passionate and willing to think outside the box.”

Ashleigh Farrand

Head of Service Operations

“I really enjoy the fast-paced, challenging environment at Redscan. I am involved in many different areas of the business and get to learn new skills as well as develop existing ones. At Redscan, you will be given tools and support from all areas of the business to allow you to really excel in your role, but also be prepared to be a self-starter and take on the challenge of working within a rapidly-growing organisation.”

Jordan Sumray

Business Development Manager

“The people and atmosphere are my favourite part of Redscan. Everyone is dedicated to their work and easy to get on with, regardless of their level or seniority. I think it’s a great time to join a growing and exciting company, one that makes you feel valued and where you’re working on important and progressive technologies.”

Rachel Savage

Corporate Services Manager

“In my role, every day is different and brings new challenges. It’s not boring and it’s definitely not your nine to five office job! For me, Redscan is more than the company I work for: I’ve made a lot of friends here as well. I like the culture. Redscan feels more like a family.”

James Harvey

SOC Team Lead

“What I enjoy most about working for Redscan is being part of a team and knowing that my contribution is valued. At Redscan you will get the support you need to be the best that you can be.”

Gina Hudspeth

Office Manager, Nottingham

“Being new to a company can be daunting, but with the overwhelming support and welcoming personalities of my colleagues, I found integrating into my new role a pleasure. The people at Redscan are passionate and committed to the business and its customers. Redscan has an experienced, skilled and talented workforce that can help you excel and grow your skillset. Plus, we’re a friendly bunch!”

Andrew Harrison

Senior Developer