CyberSOC Specialist
About this role
We are looking for an experienced Cyber Security Operations Centre (CSOC) Specialist to join our dedicated team. This role is critical to providing continuous monitoring, proactive threat hunting, and incident response for our partners. The CSOC Specialist will work closely with partners and internal teams to ensure comprehensive protection against security threats, in line with industry standards.
Key Responsibilities
Security Monitoring and Threat Detection:
- Monitor and analyse security events across multiple client environments.
- Correlate security incidents and log data across diverse infrastructures to identify patterns and potential risks.
- Escalate identified incidents according to pre-defined protocols and client-specific SLAs.
Incident Response and Coordination:
- Lead initial incident triage, investigation, and response to security incidents, adhering to incident classification and escalation procedures.
- Collaborate with internal teams and stakeholders for effective incident containment, mitigation, and remediation.
- Ensure detailed documentation for each incident, assist with root cause analysis, and develop actionable recommendations to improve security posture.
Threat Intelligence and Advanced Defence:
- Integrate threat intelligence to proactively identify indicators of compromise (IOCs) and strengthen detection mechanisms.
- Contribute to proactive threat-hunting efforts, using current threat intelligence feeds and vulnerability data to identify potential risks before they impact clients.
- Research and track emerging threats relevant to client environments, helping to adjust defences accordingly.
Client-Focused Reporting and SLA Management:
- Maintain compliance with SLAs defined in the MSSP agreement by prioritizing and resolving incidents within specified time frames.
- Produce partner-specific reports on security activities, incident trends, and performance metrics to support transparent and proactive communication.
- Assist clients with audits and compliance efforts by providing accurate and thorough incident documentation aligned with NIST, ITIL, and other frameworks.
Continuous Improvement and Service Excellence:
- Participate in fine-tuning detection tools and refining processes to reduce false positives and enhance service quality.
- Collaborate with the MSSP Service Excellence team to identify opportunities for service improvement, process optimization, and client satisfaction.
- Stay informed on the latest industry practices, contributing to the continual enhancement of our MSSP service offerings.
Collaboration and Knowledge Sharing:
- Work closely with other departments in our partners' IT teams to ensure cohesive incident management and response.
- Share knowledge and insights with team members, fostering a collaborative environment and mentoring junior engineers as needed.
- Support client security awareness initiatives, assisting with training and tabletop exercises to improve overall security readiness.
Qualifications and Experience
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- Experience with Microsoft Sentinel, Microsoft Defender, IDS/IPS, and endpoint detection tools.
- Familiarity with ITIL processes, NIST standards, and incident response frameworks is highly desirable.
- Relevant certifications such as CompTIA Security+, Certified SOC Analyst (CSA), or Microsoft Certified: Security Operations Analyst Associate (SC-200).
Skills and Competencies
- Strong analytical skills and a client-focused approach to managing security incidents.
- Knowledge of security infrastructure, operating systems, and network protocols.
- Excellent communication and documentation skills, with the ability to convey technical information clearly to clients.
- Ability to manage high-pressure situations with a calm, methodical approach.
What TDM Can Offer You
- Medical & Dental insurance.
- Additional holiday days for length of service.
- Regular team and company social events.
- Vendor certifications and training.