The MBDA cyber security technician will support the technical optimisation to maintain SOC efficiency of tasks, alert tuning, network visibility and log ingesting to relevant toolsets. They will support the implementation of new tools and the updating and expansion of existing capabilities.
Salary : Up to £57,000 depending on experience
Dynamic (hybrid) working : 2 days per week on-site due to workload classification
Security Clearance : British Citizen or a Dual UK national with British citizenship
Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team.
What we can offer you:
Company bonus : Up to £2,500 (based on company performance and will vary year to year)
Pension : maximum total (employer and employee) contribution of up to 14%
Overtime:
opportunity for paid overtime Flexi Leave:
Up to 15 additional days Flexible working:
We welcome applicants who are looking for flexible working arrangements Enhanced parental leave:
offers up to 26 weeks for maternity, adoption and shared parental leave -enhancements are available for paternity leave, neonatal leave and fertility testing and treatments Facilities : Fantastic site facilities including subsidised meals, free car parking and much more… What we're looking for from you: Strong coding and scripting background – PowerShell, Python & Regex Proven ability to work with APIs, including HTTP/S headers and responses, JSON Objects. Proven experience with Proxies administration and changes. Windows (SMB) and *Nix (NFS) remote storage. Experience with applying certificates, software updates and the steps involved for end of life refresh activity. Experience with VMware/ Hyper-V Virtual machines and virtual switches. Experience in setting up, implementing and maintenance of cyber security tooling. Experience with the creation, testing and maintenance of AI or machine learning technologies to assist with the optimisation of work flows or play books. This role will conduct the following activities; Provide support to the Cyber Engineer Specialist and Senior SOC Analysts in Alert Tuning for all SOC capabilities. Support the SOC automation activities, using scripting and SOAR capabilities as required, to ensure efficiency of SOC efforts and optimising the use of AI and ML where possible. To be an SME on SOC connectivity and visibility across all monitored networks and infrastructure, ensuring connections and integrations are understood and documented with the SOC Engineer Specialist. To support activity of back end refresh on SOC appliances – including certificate updates, patch releases and software updates. To support implementation of playbook scripting activities ensuring they are well documented and tested. This includes fault finding and review of false positives. Support the SOC Security Administrator in the coordination, planning and execution of SOC appliance upgrades, to include the tracking of EOS and EOL dates. Collaborate closely with IM back office to maintain availability and efficiency of SOC tools and recover any service outages or disruption. Attend IM P1 red teams and problem management meetings as the Cyber SME to advise on remediation and recovery. To support the Senior SOC Analysts with new capability implementation and integration to existing solutions. To Support the cyber security team with the successful completion of technical POCs, ensuring compatibility against success criteria. Support the SOC in investigation activity utilising a wide variety of security platforms, creating custom searches, advanced queries or scripts in order to find the root cause or IOC of an alert. Deputise for the Cyber Engineer Specialist as required during absences.
#J-18808-Ljbffr
opportunity for paid overtime Flexi Leave:
Up to 15 additional days Flexible working:
We welcome applicants who are looking for flexible working arrangements Enhanced parental leave:
offers up to 26 weeks for maternity, adoption and shared parental leave -enhancements are available for paternity leave, neonatal leave and fertility testing and treatments Facilities : Fantastic site facilities including subsidised meals, free car parking and much more… What we're looking for from you: Strong coding and scripting background – PowerShell, Python & Regex Proven ability to work with APIs, including HTTP/S headers and responses, JSON Objects. Proven experience with Proxies administration and changes. Windows (SMB) and *Nix (NFS) remote storage. Experience with applying certificates, software updates and the steps involved for end of life refresh activity. Experience with VMware/ Hyper-V Virtual machines and virtual switches. Experience in setting up, implementing and maintenance of cyber security tooling. Experience with the creation, testing and maintenance of AI or machine learning technologies to assist with the optimisation of work flows or play books. This role will conduct the following activities; Provide support to the Cyber Engineer Specialist and Senior SOC Analysts in Alert Tuning for all SOC capabilities. Support the SOC automation activities, using scripting and SOAR capabilities as required, to ensure efficiency of SOC efforts and optimising the use of AI and ML where possible. To be an SME on SOC connectivity and visibility across all monitored networks and infrastructure, ensuring connections and integrations are understood and documented with the SOC Engineer Specialist. To support activity of back end refresh on SOC appliances – including certificate updates, patch releases and software updates. To support implementation of playbook scripting activities ensuring they are well documented and tested. This includes fault finding and review of false positives. Support the SOC Security Administrator in the coordination, planning and execution of SOC appliance upgrades, to include the tracking of EOS and EOL dates. Collaborate closely with IM back office to maintain availability and efficiency of SOC tools and recover any service outages or disruption. Attend IM P1 red teams and problem management meetings as the Cyber SME to advise on remediation and recovery. To support the Senior SOC Analysts with new capability implementation and integration to existing solutions. To Support the cyber security team with the successful completion of technical POCs, ensuring compatibility against success criteria. Support the SOC in investigation activity utilising a wide variety of security platforms, creating custom searches, advanced queries or scripts in order to find the root cause or IOC of an alert. Deputise for the Cyber Engineer Specialist as required during absences.
#J-18808-Ljbffr
