Incident Responder

Overview

Would you like to kick start your career in a supportive, collaborative and innovative company?

Do you enjoy working as part of an enthusiastic, passionate and collaborative team?

Join our Cyber Operations Team

As an Incident Responder you will be part of our 24/7 SOC, reviewing incidents occurring in our customers' environments, alerting them to malicious activities and working with them to investigate and remediate incidents.

Softcat is a passionate, fun-loving company with a warm and friendly culture, centred on striving to be a great place to work. We want employees to want to come to work and enjoy it and we want customers to enjoy working with Softcat.

You’ll work alongside our engineering team to help identify tuning and optimisation opportunities, and with our wider team to support our customers through major incidents.

Candidates must hold or be able to gain SC clearance upon hire.

This is a shift position - 4 days on, 4 days off, 4 nights on, 4 off.

• Monitoring for security alerts from Security Platforms, primarily MS Sentinel, MS Defender, USM Anywhere.
• Providing in-depth incident management and analysis to our customers through effective monitoring, reporting, and technical guidance for successful resolution, maintaining high levels of ownership through the incident lifecycle.
• Interfacing with our customers to resolve issues, provide additional information, and answer questions related to incidents and monitoring.
• Maintaining high quality ticket, SLA and KPI adherence.

• At least 2 years’ experience working in a SOC, especially in an MSSP environment. Candidates who have previously performed a technical security role (but not necessarily in a SOC) will also be considered.
• The ability to dynamically assess risks, threats & threat actors for new and existing customers.
• Significant Cyber Security incident response experience and knowledge of the NIST Incident Response Security Framework or equivalent.
• A Cyber security focused degree, or related qualifications such as CompTIA SEC+, CySA+, Blue Team Level 1-2, or equivalent experience. Microsoft SC-200 and related certs are highly desirable.
• Previous experience with SIEM tools such as MS Sentinel, Alien Vault, ELK, QRadar or similar.

We also acknowledge that the confidence gap and imposter syndrome are a real thing and can get in the way of us meeting fantastic talent, so please don't hesitate to apply – we would love to hear from you!

We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:

• Hybrid working – 2 days in the office and 3 days working from home.
• Working flexible hours – flexing the times you start and finish during the day.
• Flexibility around school pick up and drop offs.

Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background.

To become part of the success story, please apply now.

If you have a disability or neurodiversity, we can provide support or adjustments that you may need throughout our recruitment process or any mitigating circumstance you wish for us to consider. Any information you share on your application will be treated in confidence.

We offer a competitive salary and benefits package and will provide you with opportunities to grow, flourish, and achieve great things. Our benefits include:

• Pension
• Share incentive plan
• Life Assurance
• Holiday
• Trips
• Vouchers
• Partner/family Benefits
• Maternity, Paternity and Adoption support