Tech lead - SOC responder

Job Description

Colt provides network, voice and data centre services to thousands of businesses around the world, allowing them to focus on delivering their business goals instead of the underlying infrastructure.Why we need this role We are seeking a Tech Lead - SOC Responder. This is an opportunity to meaningfully contribute to a highly visible security operations function with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace.This role operates at a Tier 3 level , with the expectation that the individual has undeniable experience handling major and complex cyber incidents, independently leading and managing incidents end to end, delivering clear and effective stakeholder communication, and mentoring other members of the SOC team.What you will do Support SOC Manager to deliver the following SIEM, IR tools platform management including all design, implementation and administration activitiesUse cases preparation and implementation, connector deployment, maintenance & health checksResponsible for operational activities, Technology escalation support, Security Solution assessment, existing Service maturing and Build activities assistAnalyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breachEstablishing and governing the security incident response processes, investigations and security operational processesMaintenance and enhancement of formal service catalogue, service descriptions, targets and performance against theseEnsure security services, tools and platforms are adequately maintainedMonitoring of and reporting on the effectiveness of our security enforcing technologies.Identification and ongoing monitoring of specific security risks and KPIs and production of management information to ensure Colt receives value from key security investments/servicesContribute to design, development and maintenance of security standards and controlsAlign team's goals and plan with Colts long term priorities and strategyDevelop and grow the talent and people capability within the security teamsKey performance indicators Takes ownership for understanding what is expected of them / their team and ensures it is deliveredProactively requests Leadership for views and opinions; using this feedback to improve personal performanceReviews working methods regularly to identify ways of improving service delivery makes recommendations on what improvement can be made and owns delivery of agreed action plan and outcomesUnderstands cultural and utilises this understanding to build rapport across different teams in order to obtain the necessary cooperation.What we're looking for Information Security Incident Response experience with a focus on detection and response to malicious activity using log data from various sources preferredStrong Networking and Systems experience, preferably in an Enterprise environmentStrong understanding of Information Security and the threat landscape surrounding enterprise systemsStrong Scripting experience (python, powershell, Unix shell)Experience working in all phases of the SDLCDeep understanding and experience using cyber security operations, security monitoring, endpoint (EDR), Network, and SIEM ToolsPrior SOC experience a plusExtensive knowledge of network and server security protocols, technologies, and productsIndustry recognized certifications (CISSP, GCIH, GCFA, OSCP, etc) preferredStrong oral and written communication skillsRelentless curiosity and attention to detailAbility to learn quickly and leverage prior experiences to effectively solve current security challengesRefusing to accept the status quoQualificationsCombination of the following:Degree in Information Technology, Engineering or similarSIEM management - Desirable to have some advanced Certification from SIEM vendor on products such as ArcSight , MS Sentinel or LogrhythemWhat we offer you: Looking to make a mark?At Colt, youll make a difference.

Because around here, we empower people. We dont tell you what to do.Instead, we employ people we trust, who come together across the globe to create intelligent solutions.Our global teams are full of ambitious, driven people, all working together towards one shared purpose: to put the power of the digital universe in the hands of our customers wherever, whenever and however they want.We give our people the opportunity to inspire and lead teams, and work on projects that connect people, cities, businesses, and ideas. We want you to help us change the world, for the better. and inclusionInclusion and valuing of thought and experience are at the heart of our culture here at Colt.

From day one, youll be encouraged to be yourself because we believe thats what helps our people to thrive. We welcome people with diverse backgrounds and experiences, regardless of their gender or expression, , , , , neurodiversity, , marital status, status, or place of birth.Most recently we have:Signed the UN Women Empowerment Principles which guide our Gender Action PlanTrained 60 (and growing) Colties to be Mental Health First AidersPlease speak with a member of our recruitment team if you require adjustments to our recruitment process to support you. For more information about our and agenda, visit our DEI pages .BenefitsOur benefits support you through all parts of life, for both physical and mental health.Flexible working hours and the option to work from home.Extensive induction program with experienced mentors and buddies.Opportunities for further development and educational opportunities.Global Family Leave Policy.Employee Assistance Program.Internal & employee networks.A global networkWhen you join Colt you become part of our global network.

We are proud of our colleagues and the stories and experience they bring take a look at Our People site including our Empowered Women in Tech.Job Segment: Information Security, Cyber Security, Data Center, Work from Home, Unix, Technology, Contract, SecurityTPBN1_UKTJ