GSOC Attack Monitoring Analyst

GSOC Attack Monitoring Analyst LSEG Security Operations is a central function employing people, process and technology to continuously monitor and respond to cyber security incidents. Security Operations spans multiple domains including cyber threat intelligence, cyber threat detection, data loss prevention and cyber incident response. This role is for an Attack Monitoring Analyst for the Global Security Operations Centre (GSOC). The role is responsible for identifying and responding to cyber security incidents and improving the defensive capabilities of the GSOC. The ideal candidate will have a solid technical background, with a firm grasp of modern charge techniques coupled with knowledge of the typical lifecycle of an attack. Shift Role operates on a shift rotation. Shifts are 07:00 - 19:00 or 08:00 - 20:00 (subject to UK BST) using a 4 days on, 4 days off rotation. Responsibilities • Triage security events and employ a methodical and coherent response to security incidents adopting playbooks where vital. • Competently operate a chosen SIEM (e.g. Splunk/QRadar/LogRhythm) for incident investigations, or for the development of supervising dashboards. • Utilise playbooks, existing knowledge and accurate online resources for guidance when responding to incidents. • Utilise online resources for researching and collecting threat intelligence to improve the SOC's abilities to detect cyber-attacks. • Develop new, or improve existing run books and use cases based on investigations and knowledge of modern attacks. • Stay up to date with current vulnerabilities, attacks, and countermeasures. • Identify, respond and remediate cyber events generated through monitoring technologies. Experience • Preferred experience with operating or administrating a SIEM (e.g. Splunk/QRadar/LogRhythm). • Strong working knowledge of networks including the TCP/IP stack, typical organisation architectures, and common protocols abused by malware. • Experience in security event analysis & triage, incident handling and root-cause identification. • Understanding of tools, techniques and procedures that attackers use to compromise organisations, ideally from direct experience. • Knowledge of cyber security either academically or within corporate environments. • Ability to work with a sense of urgency while remaining calm under pressure. • Strong verbal and written communication and collaboration skills. • Security industry specific and core technical accreditations such as OSCP, GIAC, CCNA. • Certification demonstrating SIEM operational competences. • Proficient with one or more programming languages (e.g. Python, PowerShell, Java, C#). LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth. Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership , Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions. Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity. LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives. We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject . If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.