Cybersecurity Consultant (specialising in SOC transformation)
- Minimum of 5 years working in the Information Security industry
- Minimum of 2 years working in a SOC environment and/or experience evaluating large corporate enterprise networks and cyber security organisations
- Specialty in one or more of the following Information Security domains: Cyber Intelligence Analysis, Threat Monitoring, Incident Response, Malware Analysis, Computer Forensics, Cyber Architecture, Endpoint Protection, Network Security, Infrastructure Security, Application Security, Platform Security, Identity & Access Management, Policy & Governance, Education & Awareness, Penetration Testing, Vulnerability Scanning & Management, and Compliance & Risk Management
- Experience working with SOC organisations in establishing roadmaps to improve their current capabilities, increasing effectiveness of analysis, and developing the functional/operational processes and procedures to support their mission
- Experience with execution of assessments and evaluations of cyber security operations to include the development of strategic vision roadmaps, baseline or gap evaluations, and SOC Strategy and Concept of Operations reports
- Knowledge of the cyber threat landscape to include Advanced Persistent Threats, Cyber Crime, Hacktivism; specifically, the tactics, techniques and procedures they apply to a cyber-threat attack.
- Knowledge and understanding of attack method types and their usage in targeted attacks such as phishing, malware implantation, perimeter vulnerabilities, application vulnerabilities, lateral movement, etc.
- Experience developing content-rich final reports and associated deliverables with results of subject matter expert analysis and improvement recommendations
- Experience presenting the results of applied analysis to client stakeholders to include senior or executive leadership
- Knowledge of Large Fortune 500 organisations security programs and their related functions to include the SOC function, vulnerability assessment, penetration testing, security policy and procedure, security infrastructure management, network and host based defence, cyber security metrics, security engineering, etc.
- Experience with cyber security processes, tools, and technologies and extensive knowledge of best practices regarding their implementation
- Strong interpersonal, verbal, and written communication skills to successfully accomplish client-facing interactions
- Position requires extensive (up to 50%) travel; mostly in the United Kingdom, Europe and Middle East with occasional support to the United States
- Ability to obtain and maintain a UK Security Clearance
- Prior experience working in SOC environments across a variety of verticals to include Aerospace & Defence, Energy, Oil and Gas, Financial, High-Tech, Chemical, Pharmaceutical & Healthcare, and/or related industries.
- Prior experience leading an assessment or evaluation of a SOC or large security enterprise to include execution of the assessment, analysis of results, and formulation of a final report for dissemination to key stakeholders.
- Prior experience working in a SOC analyst role with knowledge across Threat Monitoring, Incident Response, and Threat Intelligence.
- Prior experience evaluating and assessing large Fortune 500 organisations from the standpoint of enterprise-wide cyber security projects, programs, and capabilities.
- Prior experience working with the Cyber Kill Chain® and similar frameworks and concepts.
- Prior experience with Operational Technology (OT) environments to include cyber defences across Process Control Networks (PCN), Integrated Controls Systems (ICS), and/or SCADA systems
- Cyber security certifications such as CISSP, CEH, GCIA, GCIH, GCFE, and/or Security+
- Knowledge of industry best practices and standards to include but not limited to the following; NIST 800-61 and ISO 27035 and 27001.
If you are interested in applying for this role please click the APPLY button below.