An exciting opportunity has arisen for a 2nd Line Analyst within Airbus Cyber Security in Newport.
The role of the 2nd Line Analyst is to be an escalation point for all SOC operational activity. The successful candidate will be responsible for the day to day monitoring of multiple security devices, including SIEM, IDS/IPS etc, ensuring that all customer SLAs are met.
You will be required to work as part of the SOC team ensuring all SOC operational tasks are completed on time and work tickets updated/closed with satisfactory technical details included.
The 2nd Line Analyst will be comfortable at a technical level, often being required to attend technical workshops and customer briefings/service reviews.
All Analysts are expected to be able to present and write professional reports to key stakeholders and exercise good time management.
Your main tasks will include:
When required, perform initial triage/identification of ‘Events of Interest’ using the SOC toolsets.
Complete analysis/correlation of ’Events of Interest’ to identify incidents ensuring that all events, events of interest, exceptions & incidents are responded to in accordance with established SOC work instructions, including remedial action/recommendations.
Complete post incident reporting. Responsible for SOC work instructions, ensuring they are reviewed & amended.
Maintain currency in security concepts, tools and best practices.
Produce reports (as per templates) & vulnerability/trending analysis as requested by UK SOC Mgr or key stakeholders.
Present & review reports to internal & external key stakeholders.
Complete tooling configuration changes including, but not limited to filters/tuning/dashboards as authorised.
Carry out minor tool maintenance as directed by SOC lead engineer.
Required Skills and Experience
ITIL Fundamentals (or equivalent)
CompTIA Security (or equivalent)
CompTIA Network (or equivalent)
Wireshark Packet Analysis
SANS SEC401: Security Essentials (or equivalent)
SANS SEC503: Intrusion Detection in-depth (or equivalent)
SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (or equivalent)
Ethical Hacker (CEH)
Cisco Certified Network Associate CCNA
FIAHMG – Fundamentals of Information Assurance in HMG (leading to CCP)
CREST (Registered Intrusion Analyst) (CRIA)
SANS SEC501: Advanced Security Essentials
The Lead Engineer is expected to be able to present and write professional reports to key stakeholders
All staff are expected to exercise good time management and work as part of a team
You will work from Airbus Defence and Space offices, Newport, South Wales, with occasional requirements for business travel within the UK and abroad.
Because of the nature of work undertaken, these positions are required to meet special nationality rules and therefore these vacancies are only open to sole British Citizens. If you meet this criteria you will also undergo security clearance vetting, if not already security cleared to a minimum DV level
We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.
Professional / Expérimenté(e) / Professionell / Profesional
By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.
Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to