Monitoring Associate

Role Summary

The role of Monitoring is to collect and analyse security event data arising from activity across the organisation, tune and improve rules generating security alerts, and follow up by investigating indicators of potentially malicious activity, escalating incidents or initiating responses.

Role expectations

Support implementation of the monitoring roadmap to enhance monitoring in line with requirements, policies and standards to govern all activities and outputs.

Monitor, triage and investigate security alerts on protective monitoring platforms to identify security incidents and perform analysis of security event data to support the response, reporting or escalating where appropriate.

Design, develop and support automated monitoring processes, using a variety of the latest SIEM (Security Information and Event Management) and network analysis tools, techniques and procedures to:

• detect malicious activity
• ensure continuous improvement through dashboard monitoring or retrospective assessmet

Entry Route

Internal

Suitable for an individual from the Government Security Profession, Digital, Data and Technology Profession, or Analytics Profession

External

Suitable for an individual who has worked as a Cyber Security intelligence analyst, monitoring specialist and/or response specialist, or in big data or data science, artificial intelligence or machine learning, or digital forensics, in the private sector

Learning pathway

Core

CompTIA IT Fundamentals

• CompTIA Security+

NIST Cyber Security Professional (NCSP) Foundation Certificate

• Certified ISO 27001 Practitioner

Management of Risk (M_o_R) Foundation

• Management of Risk (M_o_R) Practitioner

Foundation Certificate in Cyber Security

• EC-Council Certified SOC Analyst