Cyber Security Analyst - Hybrid working
One of our biggest customers in the UK is on the hunt for a talented and experienced Cyber Security Analyst. Our client is expanding at a rapid rate right now and this is a fantastic opportunity to join a great team at an opportune time.
The Cyber Security Analyst plays a critical role in protecting the Bank's data, IT infrastructure, business systems and services against a range of criminal and malicious cyber threats - both internal and external. The primary first-level triage and response activities will be delivered through a third-party managed Security Operations Centre (SOC), and you will be responsible for informing the services definition and use-cases to ensure the managed SOC services are relevant to the Bank's risk profile and IT solutions. Your role also requires that you provide the second-level monitoring and analysis of cyber events of interest and response activities in accordance with the Group's Cyber Response Plans and Playbooks.
As a second-level responder you will be part of a 24x7 out-of-hours rota to provide continuous response capabilities that minimise the time to react to any alerts and suspicious activity. The second-level response cyber analyst will also perform regular analysis of the SIEM data through cyber analytics tools against historical data to identify new attacks and low-and-slow unauthorised or suspicious activity, and to validate the effectiveness of new Indicators of Compromise (IoCs) or triggers. You will also conduct threat hunting exercises within our IT environments to identify IoCs indicative of malicious activity or Advanced Persistent Threats (APTs).
- Provide accurate and priority driven analysis on cyber activity and threats
- Provide 24x7 second-level incident response for security incidents to identify, contain and recover to a pre-determined safe state
- Define and coordinate cyber incident response testing to assess capabilities and breach preparedness
- Coordinate with IT to conduct investigations of cyber incidents or other security incidents utilising various tools and sources to reverse engineer malware and identify attack vectors to provide an accurate account
- Apply IT Forensics methodologies and practices to preserve digital evidence for criminal investigations
- Perform threat hunting within the corporate IT environments to detect historic or active malicious/unauthorised activity
- Act as a trusted advisor to identify enhancements or new capabilities and technologies for identification, prevention, detection and recovery of cyber incidents
- Perform regular operational health checks and monitor availability of cyber services and technologies to ensure effectiveness
- 5 years of Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Centre (CSIRC) or a Security Operations Centre (SOC) experience is essential
- 5 years of experience with Scripting in Perl/Python/Ruby/PowerShell is essential
- 5 years of experience in performing log analysis for various log formats and sources (FWs, servers, network devices, IPS, DLP etc.)
- 5 years of experience with packet analysis tools is essential
- 4 years of experience with both desktop-based and server-based IT Forensics is essential
- 4 years of experience documenting and reviewing security and IT designs to identify security risks and gaps is essential
- 2 years of experience integrating Cloud-based infrastructure and services into local and centralised cyber monitoring frameworks is essential
- 2 years of implementing deception technologies is desirable
Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted.
Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation.