Security Operations Centre Design
Key Purpose
To monitor and investigate security alerts, threats, vulnerabilities and incidents; to diagnose alerts, incidents and service requests, ensuring each is accurately logged and that corrective action is taken or escalations made in a timely manner. To investigate new and advanced methods of detecting and preventing incidents, and to identify, develop, organise and improve processes across all areas of Security Operations, including customer and project related activity where assigned. To remain informed and educated on new and evolving areas of technology and cyber security, and to be a proactive champion of security within the business.

Summary of Responsibilities
Daily monitoring of operational security tools and response to events and incidents
Development and optimisation of security controls and tooling to continually improve monitoring and detection of new security threats
Experience of Azure Sentinel (now Microsoft Sentinel)
Help deliver new security initiatives, driving best value from our tooling and supporting technologies
Be the first point of contact for security incidents, events and requests, and ensure all are logged
Assist in the performance of regular reporting and permanent supervision control activity
Assist with internal and external audit requirements, collating information as necessary to respond to queries
Creation and maintenance of procedure manuals

Contact us for more information at info@skraba.co.uk. Ref: SOC-DESIGN
Target Operating Model Development

Contact us for more information at info@skraba.co.uk. Ref: SOC-TOM
Security Operations Centre Review

Contact us for more information at info@skraba.co.uk. Ref: SOC-REVIEW
Security Operations Centre Enhance

Contact us for more information at info@skraba.co.uk. Ref: SOC-ENHANCE
Purple Team Setup

Contact us for more information at info@skraba.co.uk. Ref: SOC-PURPLETEAM
Sandbox Network Development

Contact us for more information at info@skraba.co.uk. Ref: SOC-SANDBOX
Emergency Response Contact

Summary of Responsibilities
Daily monitoring of operational security tools and response to events and incidents
Development and optimisation of security controls and tooling to continually improve monitoring and detection of new security threats
Experience of Splunk Enterprise Security
Splunk Enterprise Data Administration desirable
Help deliver new security initiatives, driving best value from our tooling and supporting technologies
Be the first point of contact for security incidents, events and requests, and ensure all are logged
Assist in the performance of regular reporting and permanent supervision control activity
Assist with internal and external audit requirements, collating information as necessary to respond to queries
Creation and maintenance of procedure manuals

Contact us for more information at ir@skraba.co.uk. Ref: IR-EMERGENCY
Incident Response Planning

Contact us for more information at ir@skraba.co.uk. Ref: IR-PLANNING
Incident Response Process Development

Contact us for more information at ir@skraba.co.uk. Ref: IR-PROCDEV
Incident Response Integration

Contact us for more information at ir@skraba.co.uk. Ref: IR-INTEGRATION