Job Description

Minimum qualifications:

• Bachelor's degree or equivalent practical experience
• Completed relevant industry course/certification offerings such as CEH, GIAC or CompTIA Sec+.
• 2 years of experience in similar SOC related roles, responding to and actioning on security incidents.
• Experience in technical troubleshooting and writing code in one or more programming languages.
• Active, or the ability to obtain, a Developed Vetting (DV) UK security clearance.

Preferred qualifications:

• Security+ or similar Cyber Security/Incident Response related certifications.
• Experience responding to security incidents on Kubernetes.
• Experience analyzing, triaging, and remediating common information security incidents.
• Understanding of common attacker tactics, tools, and techniques.
• Excellent problem-solving and investigative skills.

About the job

The UK Security Operations (SecOps) team in Google Public Sector delivers, operates and secures private cloud services. We aim to provide the flexibility, reliability, and scalability of public cloud for customers with exceptionally high security requirements that can only be met in a private cloud environment. We deliver and operate these private cloud deployments for the most critical customers, helping scale, secure and maintain the deployment whilst working closely with Google product teams to continually improve our technology.

SecOps plays a critical role in safeguarding Google's public sector customers by proactively monitoring, detecting, and investigating security incidents around the clock. Operating 24/7/365, the team ensures comprehensive coverage of environments and swiftly responds to suspicious activity. This role involves responding to escalated security incidents and proactively enhancing the Security Operations Center (SOC) by building platform efficiencies, conducting threat hunting, and participating in purple team events. This role will require participation in a rotating on-call schedule outside of core business hours and over the weekend to ensure security incidents can be swiftly resolved.SecOps plays a critical role in safeguarding Google's public sector customers by proactively monitoring, detecting, and investigating security incidents around the clock. Operating 24/7/365, the team ensures comprehensive coverage of environments and swiftly responds to suspicious activity. This role involves responding to escalated security incidents and proactively enhancing the Security Operations Center (SOC) by building platform efficiencies, conducting threat hunting, and participating in purple team events. This role will require participation in a rotating on-call schedule outside of core business hours and over the weekend to ensure security incidents can be swiftly resolved.

Responsibilities

• Respond to security incidents escalated from the front line 24x7x365 team.
• Build and develop security efficiencies on the platform to improve the overall SOC.
• Conduct threat hunting activities on the platform and participate in purple team events.
• Review and develop security operations center dashboards for anomalous activity.
• Be a SME across typical security disciplines, vulnerability, EDR, SIEM, etc.