3rd Line Security Analyst

UK wide

The 3rd Line Security Analyst will be responsible for resolving escalated security incidents, managing breaches, and performing technical changes to proactively harden our customers’ cyber-security posture.

Typical tasks will include creation of security processes and frameworks, advanced system hardening, threat intelligence and research, triage and remediation of SIEM incidents and alerts, and documenting customers’ infrastructure and assets. You will work closely with the Security Service Delivery Manager to ensure customer security issues are dealt with effectively and to a high level of customer satisfaction.

Exceptional technical product and process knowledge needs to be accompanied by excellent customer service skills, and meticulous attention to detail.

Main Duties and Responsibilities:

  • Assist in the creation of proactive security hardening packages for customer environments.
  • Creation of security processes, frameworks, and documentation.
  • Apply advanced system hardening countermeasures to a wide range of platforms.
  • Perform forensic analysis, triage security incidents, and apply proactive remediation.
  • Proactive monitoring and threat hunting.
  • Proactive threat intelligence and research.
  • Vulnerability assessment and management.
  • Provide technical support and guidance for 2nd Line SOC Security Analysts and Security Service Delivery Manager.
  • Ownership of security incidents and breaches, as well as escalated issues from 2nd Line SOC Analysts through to resolution.
  • Documenting and articulating issues ready for escalation to the Head of Security.
  • Ability to work shifts to fulfil 24 x 7 support requirements.
  • Work closely with the Service Desk team for security related escalations.
  • Provide feedback and be part of the continuous improvement program.
  • Ensure excellent customer satisfaction is achieved.
  • Manage customer complaints through to resolution.
  • Assist the Security Service Delivery Manager with creation and delivery of customer facing reports.
  • Assist in maturing SOC processes.
  • Be accountable for the timely response and progression of incoming requests.

Skills, Experience and Qualifications:

  • Knowledge and experience with the following products / technologies, or similar products from other best of breed Security providers:
    • Azure Active Directory (AAD)
    • Active Directory (AD)
    • DNS
    • Azure MFA
    • Azure Virtual Desktop (AVD)
    • Azure Bastion
    • Syslog
    • Microsoft Sentinel
    • Azure Firewall
    • Azure Web Application Firewall (WAF)
    • WDAC / AppLocker
    • AAD Password Protection
    • AAD Privileged Identity Management (PIM)
    • Azure Arc
    • Microsoft Defender for Endpoint
    • Microsoft Defender for Office 365
    • Microsoft Defender for Identity
    • BitLocker Encryption
    • AAD Self-Service Password Reset (SSPR)
    • Microsoft Intune / Endpoint Manager (MEM)
    • Microsoft Defender for Cloud
    • Microsoft Local Administrator Password Solution (LAPS)
    • AAD Identity Protection
    • Azure Key Vault
    • Azure Entitlement Management
    • Risk-Based Conditional Access
    • Access Reviews
    • Azure App Proxy
    • Azure Network Security Groups (NSG)
    • Information Protection
    • Insider Risk Management (IRM)
    • Azure Policies
    • Microsoft OneDrive / Teams / SharePoint
    • Azure Storage Accounts
  • Strong technical knowledge and a willingness to share or mentor others.
  • Previous Project Engineering / Consultancy experience desired.
  • Previous SOC experience preferred.
  • Extensive knowledge and experience with Microsoft Windows Server and Client operating systems.
    • Linux experience is a bonus.
  • Extensive knowledge and experience in networking products and frameworks, such as firewalls, switches, wireless infrastructure, WAF, application gateways and the OSI 7-layer model.
  • Knowledge of Kusto Query Language and PowerShell scripting languages advantageous.
  • Excellent technical document writing experience (network and traffic flow diagrams, playbook documentation) essential.
  • Relevant industry certifications are a bonus.
  • Self-motivated, and organised.
  • Ability to cope under pressure and prioritise work accordingly.
  • Ability to work to customer and internal deadlines.

This job description is intended as a general indication of the main responsibilities of the job and does not include detailed instructions on how tasks are undertaken. You may be required to carry out additional tasks within your capability as necessitated by your changing role within the organisation and to meet the needs of the business.

Sound good? If you’re interested in joining our journey, simply email your CV and covering letter to careers@transparity.com.

We are Disability Confident

Transparity have a proactive attitude when it comes to looking after the wellbeing and inclusion of all our employees. We promote equal opportunities through our recruitment process and a positive, inclusive culture across the business which we are proud of. We are diverse in our approach to recruitment and recognise that talent comes in all different forms. The diversity in our team is what helps our business work so well. To find out more about our disability commitment, please contact our People and Culture team or just ask during your interview.

If you are a person with disabilities and require reasonable adjustments to be made to make your application, please contact Michelle Wilson on 01202 80000 or careers@transparity.com.