Skip to main content

We have over 50,000 UK jobs available, so why not start a new job search on Zoek


SOC Analyst

  • Location: WGC
  • Salary: Competitive
  • Contract hours: FullTime

Job provided by Tesco


Share this job on social:


About the job

SOC Analyst

As a SOC Analyst, you will primarily focus on the detection, investigation, and resolution of security incidents by applying a blend of your technical skills, experience, and knowledge of security principles. Furthermore, you will contribute to the effectiveness and maturity of the Security Operations Centre (SOC) team by contributing to tooling, updating and creating new run books, and keeping abreast of the latest patterns and trends within the wider security arena. Maintaining a high-level of awareness, improving our incident response, and remediation support are day to day team activities. You will commit to maintain proficiency, research and share the latest attack techniques, new concepts, and other interesting security related topics.

You will be on your way to building a strong security-themed portfolio of experience and roles. You see this SOC Analyst role within Tesco, a leading international retailer and technology organisation, as the next logical step to develop and hone your skills. You will be enthusiastic, resourceful, and innovative. Furthermore, you will relish the challenge of solving complex problems by drawing upon your curiosity, technical knowledge, and ability to think outside the box.
Key Skills and Experience

  • Following our Business Code of Conduct and always acting with integrity and due diligence
  • Triage of security alerts; employs a methodical and coherent response to security incidents
  • SIEM tooling operation or administration (e.g. Splunk, ELK Stack, QRadar)
  • Utilise playbooks, checklists, and online resources for guidance in response to incidents
  • Proactive development of SOC tooling, techniques, and processes to improve incident response
  • Propose improvements and recommendations to increase visibility and effectiveness of security monitoring systems
  • Perform technical analysis from varied data sources (endpoint event logs, SIEM data, dashboards, enterprise applications), then develop and present coherent and reasoned next steps
  • Leverage your technical skills, experience, and systems data to respond to complex security incidents in an innovative and effective manner
  • Use your hands-on experience and theoretical understanding of TCP/IP and other related network protocols: TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP
  • Command line experience and using/modifying basic scripts
  • Working knowledge of the Cyber Kill Chain and/or Incident Response Phases
  • Perform business as usual tasks (e.g. access to UK Data Centres, write reports, maintain and utilise information security communication channels, escalate incidents and non-compliance)
  • Broad understanding of key security concepts/principles (CIA, threats, vulnerabilities, and exploits)
  • Broad understanding of commonly-accepted attackers' tools and tactics

Desirable Experience / Tools / Technologies

  • Strong background in Information Technology; though not necessarily in security
  • Proficient in at least one or more, within a corporate environment, from:

  • Endpoint operating systems (e.g. Microsoft, Linux, and/or OS X; especially Kali)

  • Core networking principles (e.g. switches, routers, wireless access points, Internet)
  • Infrastructure security devices (e.g. firewalls, proxies, IDS/IPS)
  • Supporting enterprise level services (e.g. AD, DNS, DHCP, IIS, Apache, VPN/DA, Databases)
  • Anti-virus, anti-malware, ransomware, data leak protection
  • Vulnerability management, endpoint forensics, intrusion analysis activities
  • Cloud computing platform (e.g. AWS, Azure, GoogleCloud)
  • Open Source Security tools
  • One or more from: Python, PowerShell, Bash, Java
  • Exposure to Agile/DevOps methods of working

Essential Certifications (or willingness to achieve within 9 months of starting)

  • CompTIA N+, CompTIA Security+, ISC2 SSCP, Splunk Power User

Desirable Certifications

  • One or more from: CompTIA A+ and/or CompTIA N+, CompTIA Security+, GSEC, GCIH, GCIA, CEH, OSCP, SSCP, CCENT, CCNA, CCNA Security. Where appropriate other industry relevant certifications will be considered.

​Academia

  • Relevant university degree or equivalent work experience

Soft / Personal Skills

  • Demonstrable curiosity, enthusiasm, and pro-active attitude to security and personal development
  • Commitment to driving SOC capability towards greater maturity and observing KPIs along the way
  • Problem solver by nature, willingness to challenge the status quo
  • Excellent interpersonal skills, and written and oral communications, self-motivator
  • Team player and independent worker, relationship builder
  • Ability to liaise with subject matter experts, key stakeholders, and colleagues at all levels

Our business was built with a simple mission – to be the champion for customers, helping them to enjoy a better quality of life and an easier way of living. This hasn't changed. Customers want great products at great value which they can buy easily and it's our job to deliver this in the right way for them.

Benefits Package

  • Colleague Discount Card (including a second card for a family member) after 6 months service with 10% off most purchases at Tesco.
  • An annual bonus scheme where you could achieve up to 3.5% of eligible 2017/18 earnings.
  • Childcare Vouchers
  • Share Schemes
  • Deals & Discounts through Tesco including Tesco Mobile & - Tesco Bank
  • Deals and Discounts through many other external businesses
  • Sunday and Out of Hours premiums available

Location

Map

Share this job on social:

close

Before you go...

Did you know that Zoek has over 100,000 UK jobs available, your next job could be a click away! Start a new job search on Zoek!

Did you know that Zoek has over 100,000 UK jobs available, your next job could be a click away! Start a new job search on Zoek!