Security Operations Centre (SOC) Analyst

Civica develops software for local and national government, education, health and care. Over 5,000 public bodies across the globe use our software to help deliver critical services to over 100 million citizens. 

Our aspiration is to be a GovTech champion everywhere we work around the globe, supporting the needs of citizens and those that serve them every day. Building on 21 years of continuous growth and success, we're at a pivotal point on our journey to realise that aspiration. 

As a company, we're passionate about what we do and the citizens we help to serve. If you too would like to help champion the use of technology in public services, to improve outcomes for citizens and public sector organisations, then Civica is the right place for you. We will help you unlock the best version of yourself, achieve growth in your career whilst making a real difference to people and communities.  

Why will you love this opportunity as Security Operations Centre (SOC) at Civica?

You will be working within a global (24/7) Security Operations Centre (SOC) team that includes Analysts, Engineers, and a SOC Manager.

You will monitor Microsoft Sentinel and Microsoft Defender, and other technologies where required including IPS, Email Gateways, Web filtering services and Antivirus. You will assess real-time and historic logs to investigate suspicious activities, identify potential attack patterns, incidents of compromise and spot security weaknesses. In the event of a breach, the SOC analysts are responsible for proactively notifying the appropriate business stakeholders about serious security events. You will work with the team to determine an appropriate timely response and keep accurate records of all actions taken to contain and close the issue.

You will handle internal customer requests, particularly around phishing, spam and/or Anti-virus issues.

You will also be assessing risks from a Surface Attack Tool, developing and using OSINT tools to collect open-source intelligence from published sources and liaising with business units to inform, mitigate, or remediate issues.

Requirements

• A deep understanding of security principles
• Use of Microsoft Sentinel and/or Defender
• Minimum 3 years' experience working in IT, with at least 1 year in a security-based role.
• Any recognised certifications in security or evidence that you are studying for an exam
• Excellent problem-solving skills and the ability to "think outside the box" under pressure.
• Security Incident Response and Handling techniques
• An expert knowledge of enterprise and cloud security infrastructure and systems,
• Ability to identify Email, IPS and Anti-Virus events and take appropriate action.
• Ability to research and develop new practices for self-development, but also to enhance the teams' capabilities.
• Excellent communication skills
• Knowledge of threat intelligence platforms or scripting (e.g., PowerShell)
• Understanding of Vulnerability management tools and/or Surface Attack Tools.
• Be able to work in rotating shift patterns (changing monthly) to help secure offices in different time zones
  
  
  

Benefits

We know that when our people are happy, they will work better and have greater work satisfaction. Here's what you can expect:

• We provide an inclusive, safe, and welcoming environment to all staff 
• Training - CIVICA offers training to help learn about our changing technical environment and also help you develop new skills.
• Mentoring - Within the wider security team (Blue team, red team strategic security) there are opportunities to learn from others.
• Giving culture - we encourage you to "give back" with benefits such as our Days of Difference leave where you can volunteer for a charity of your choice.
  
  

Apply for this job - If you have a diverse background in IT, enjoy solving problems with your teammates, have organisational skills to pull complex findings together and are a critical thinker, who can think about the impact of events and/or actions you might take, this role is perfect for you.