Security Incident Handler
SCC
Birmingham, UK
4d ago

Information Security is critical to the ongoing success and reputation of the Specialist Computer Centre (SCC) as a Managed Security Service Provider (MSSP).

As part of SCC's continuing successful growth delivering security products and Security as a Service (SECaaS), we now have an exciting opportunity for a Security Incident Handler to join our Security Operations Centre (SOC) Team.

This role will see the ideal candidate working with operational and business teams to provide end-to-end oversight and efficiencies of all security incidents handled by the SOC.

What I need to do

  • Be the Security Services point of contact to drive all cyber incidents that are managed by the SOC
  • Act as liaison between MIM and SOC team during major incidents
  • Associate Incidents with other records (i.e. Incidents, Changes, Problems, Knowledge Articles, Known Errors, etc.)
  • Identify Incidents for review and create incident reports / PIRs
  • Keep incidents status up to date through regular updates
  • Verify resolution with users and resolve Incidents in ITSM tool
  • Escalate Incidents at risk of breaching Service Level Agreement
  • Document troubleshooting steps and service restoration details / Create and submit knowledgebase articles
  • Oversee all aspects of security incident management process / workflows from evaluation to resolution
  • Maintain regular communication with SIEM / Platform / MIM / Infrastructure / Customer teams
  • Drive incidents to a conclusion based on SLAs and criticality level
  • Coordinate the activities of analysts and parties external to the SOC Team involved in incident response
  • Create and Define improvements on incident playbooks
  • Prepare weekly / monthly incident status reports and trends
  • Identify potential problems and / or increasing trends of repetitive Incidents

Skills and Experience

  • Familiarity with risk management and controls frameworks, cyber kill chain and NIST Incident response life cycle
  • Experience with information security related activities
  • Experience in dealing with incidents within an ITIL framework
  • Working knowledge about SIEM architecture
  • Being able to work with a diverse set of stakeholders in the organization from technical through management.
  • Strong report writing and communication skills
  • Strong written and verbal communication in English
  • Understanding of crisis management, business continuity and disaster recovery procedures
  • Ability to understand technical topics when dealing with technical teams, and to explain and present them to management-level executives
  • Being able to handle multiple competing priorities in a fast-paced environment and drive high-priority tasks to a resolution

What I need to show

  • A minimum of 5+ years’ experience within a SOC or Incident environment
  • Positive personal qualities including drive, professionalism, integrity and teamwork
  • Security Clearance (SC) or be able and willing to undergo the process to gain clearance