Lead SOC Security Analyst

At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive - and that it’s all driven by human intelligence.

Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we challenge what’s possible.

From manufacturing and engineering to cybersecurity and space, we’re driving progress in some of the world’s most important industries - and working together to build a future we can all trust.

**Accountabilities**:

- ** Lead a team of our teams of Security Analysts through coaching and development, providing guidance, mentorship, and support to enhance their technical and analytical skills**:

- ** Analyse security data, including logs, network traffic, and threat intelligence, to identify patterns, trends, and anomalies indicative of potential security incidents or threats**:

- ** Collaborate with the SOC Manager to drive the technical direction of the SOC, ensuring the implementation of best practices, processes, and technologies to enhance the team's efficiency and effectiveness**:

- ** Monitor and maintain adherence to SLAs, ensuring the timely and accurate detection, analysis, and response to security incidents and threats**:

- ** Assist in the development and implementation of SOC policies, procedures, and standards, ensuring alignment with the organisation's security strategy and goals**:

- ** Collaborate with other SOC and security leaders to share knowledge, insights, and best practices, promoting a culture of continuous improvement and innovation**:

- ** Identify opportunities for process improvement and automation, recommending and implementing solutions to streamline SOC operations**:

- ** Building and maintaining strong relationships with peers and clients**:

- ** Conduct advanced threat hunting activities, proactively searching for signs of compromise, hidden threats, and potential vulnerabilities within client’s environment**:

- ** Assist with the design, implementation, and fine-tuning of security analytic and correlation rules, alerts, and dashboards in the SIEM and other security tools to enhance the SOC team's visibility and response to emerging threats**:

- ** Collaborate with the SOC team to investigate and respond to security incidents, providing Subject Matter Expert (SME) guidance on the analysis and interpretation of security data**:

- ** Stay up to date on emerging threats, attack vectors, and vulnerabilities, sharing findings with the SOC team and using this information to inform the development of new security analytics techniques and strategies**:

- ** Conduct thorough handovers of security incidents to the Digital Forensics and Incident Response (DFIR) team**:

- ** Assist DFIR team with monitoring and investigation of security incidents on an as needed basis**:

- ** Collating data to write and review customer reports, including post incident reports, to a high standard***:
**Skills and Experience**:

- ** Self-starter with a strong sense of ownership and the ability to work independently or collaboratively as needed**:

- ** Demonstrated capacity to multitask and manage competing priorities effectively**:

- ** Excellent communication, presentation, and interpersonal skills, with the ability to effectively convey complex security concepts to both technical and non-technical audiences**:

- ** Detail-oriented with a strong commitment to documentation, process improvement, and knowledge sharing**:

- ** Strong problem-solving and decision-making skills, with the ability to work under pressure**:

- ** Ability to learn new technologies and tools quickly**:

- ** Ability to develop and deliver training or speaking material for public and private events**:

- ** An empathetic leader with the ability to work under pressure, prioritise tasks, and manage both your team’s and your own time efficiently**:

- ** Ability to speak about security confidently and accurately and to recommend security controls to experienced security professionals and executives**:

- ** Ability to work as a team with decisions made to support moving toward common goals**:

- ** Flexibility and motivation to work across several types of engagements***:
**Preferred Experience**:

- ** Minimum of 5 years of experience in cybersecurity, with at least 2 years within a SOC**:

- ** In-depth knowledge and experience with security tools and technologies, such as SOAR, SIEM, and EDR**:

- ** Knowledge and experience in the Microsoft or Google security suites is highly desirable**:

- ** Experience and confidence in managing security incidents from end-to-end**:

- ** Experience and confidence in client facing roles**:

- ** Strong understanding of security operations, incident response, threat intelligence, and other key functions**:

- ** Professional certifications are an advantage (i.e. CISSP, GREM, GCIH, GSOC, CompTIA