
Cyber Defence Analyst L3

Posted 2 hours 54 minutes ago by Airbus

Permanent
Full Time
Factory Jobs
Gwent, Newport, United Kingdom, NP108
Job Description
An exciting opportunity has arisen for a 3rd Line Analyst within Airbus Protect in Newport.

The role of the 3rd Line Analyst is to be an escalation point for all SOC operational activity. The successful candidate will be responsible for the day to day monitoring of multiple security devices, including SIEM, SOAR, IDS/IPS, EDR etc, ensuring that all customer SLAs are met.

You will be required to work as part of the SOC team ensuring all SOC operational tasks are completed on time and work tickets updated/closed with satisfactory technical details included.

The 3rd Line Analyst will be proficient at a technical level, often being required to attend technical workshops and customer briefings/service reviews.

All Analysts are expected to be able to present and write professional reports to key stakeholders and exercise good time management.

This position can offer you:
We can offer you all of this and more
Exciting development opportunities and perspectives within Airbus as a global player
An attractive company pension scheme
Airbus Group success share scheme
An extensive range of additional benefits
Flexible working hours

Tasks and Accountabilities
When required, takes over and leads the SOC Team in charge of the Critical Incidents
Complete analysis/correlation of 'Events of Interest' to identify incidents ensuring that all events, events of interest, exceptions & incidents are responded to in accordance with established SOC work instructions, including remedial action/recommendations.
Complete post incident reporting.
Responsible for SOC work instructions, ensuring they are reviewed & amended.
Use Case Factory development
Playbook design and development
Use Case & Playbook validation before going live
Maintain currency in security concepts, tools and best practices.
Present & review reports to internal & external key stakeholders.
Continuous improvement process definition in coordination with SDM
Propose improvement regarding internal processes, support documentation and associated management tools

We are looking for applicants with the following experience:

Required
Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA)
Microsoft SC200: Microsoft Security Analyst
Blue Team Level 1 & 2: Junior / Advanced Security Operations
Knowledge of Microsoft Defender & Sentinel
Knowledge of SOAR
Knowledge of Splunk
Understanding of threat actor Tactics, Techniques and Procedures (TTPs)
SANS SEC401: Security Essentials (or equivalent)
SANS SEC503: Network Monitoring and Threat Detection In-Depth (or equivalent)
SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (or equivalent)

Desirable
Knowledge of Reverse Engineering Malware
Practical Junior Malware Researcher (PJMR)
SANS SEC488: Cloud Security Essentials (or equivalent)
CREST Certified Network Intrusion Analyst (CCNIA) (or equivalent)
SANS FOR508: Advanced Incident Response, Threat Hunting and Digital Forensics (GCFA)

Soft Skills/Qualifications
The 3rd Line Analyst is expected to be able to present and write professional reports to key stakeholders
All staff are expected to exercise good time management and work as part of a team

You will work from Airbus Protect offices, Newport, South Wales, with occasional requirements for business travel within the UK and abroad.

Because of the nature of work undertaken, these positions are required to meet special nationality rules and therefore these vacancies are only open to sole British Citizens. If you meet these criteria you will also undergo security clearance vetting, if not already security cleared to a minimum DV level.

We are committed to equal employment opportunities regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status.
We are proud to be an equal opportunity workplace.

AIRBUS PROTECT
Airbus PROTECT brings together experts in risk analysis and management in the fields of safety, cybersecurity and sustainability. We deliver expertise to our own group, Airbus, for whom we act as a privileged partner, but also to external clients.

With over 1,800 experienced professionals based in France, UK and Germany, we service large-scale contracts with companies such as critical infrastructures (CNI), other industries and public institutions. Our positioning and strategy enable us to meet the highest standards of the market and to meet the challenges of tomorrow as a team.

Join the AIRBUS PROTECT journey job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth.

Company: Airbus Protect Limited
Contract Type: Permanent
Experience Level: Professional
Job Family: Cyber Security

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.

Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to Airbus, we support you to work, connect and collaborate more easily and flexibly.
Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.

Airbus Protect provides services in cybersecurity, safety and sustainability, protecting Airbus company-wide and meeting the needs of national authorities and commercial customers, including critical infrastructures.

Our mission is to use our deep knowledge and diverse industry expertise to make a meaningful impact. We enable our clients to concentrate on growing their businesses and building a trusted future, while ensuring their safety, security and sustainability never wavers.

We are dedicated to our employees and our clients. Our relationships are based on deep trust empowering us to tackle complex projects and co-innovate to build a better future :