Cyber Security Analyst and Consultant
This individual will be a cyber security analysts with the ability to support both CIRT analysis and onsite SOC transformation consultancy engagements within a client environment. As a result, the skills set will be a mix of Analyst Skills and Cybersecurity Consultancy Skills:
- Analysts Skills:
Responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks. Support cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff. Coordinate resources during enterprise incident response efforts, driving incidents to timely and complete resolution. Employ advanced forensic tools and techniques for attack reconstruction, including forensic analysis, volatile data collection and analysis. Review threat data from various sources and develop custom signatures or other custom detection capabilities. Correlate actionable security events from various sources and develop unique automation and correlation techniques. Conduct malware analysis providing indicators for enterprise defensive measures. Interface with external entities including law enforcement organisations, intelligence community organisations and other government agencies as required.
- Cybersecurity Consultancy Skills:
Strong foundation in the roles and security functions of large organisations, specifically the Security Operations Centre (SOC). Ability to evaluate large security enterprises and their SOC organisations, assist in the development of strategic roadmaps to drive growth and maturity, as well as knowledge on how to implement and drive a plan for transforming an organisation to their desired end state. This candidate should have excellent communication skills, both written and oral, and the ability to interact with others from the executive level down to highly technical analysts in structured and unstructured situations.
Perform the following functions as individual assignments or as part of a team:
- Maintain situational awareness of cyber activity by reviewing open source reporting for new vulnerabilities, malware, or other threats that have the potential to impact the organisation.
- Perform cyber threat intelligence analysis, correlate actionable security events, perform network traffic analysis using raw packet data, net flow, IDS, IPS, and custom sensor output as it pertains to the cyber security of communication networks, and participate in the coordination of resources during incident response efforts.
- Coordinate resources during enterprise incident response efforts, driving incidents to timely and complete resolution.
- Perform analytic support focused on Cyberspace doctrine, policies, strategies, capabilities, and Cyberspace groups, individuals, organisations, tools, tactics, and procedures.
- Employ advanced forensic tools and techniques for attack reconstruction, including forensic analysis and volatile data collection and analysis.
- Conduct malware analysis of attacker tools providing indicators for enterprise defensive measures.
- Analyse reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
- Recommend sound remediation and recovery strategies, suggest defensive policy enhancements and information technology procedures.
- Interface with external entities including law enforcement organisations, intelligence community organisations and other government agencies as required.
- Deliver status reports, briefings, recommendations, and findings to management and executives as required.
- Minimum Bachelor's degree from an accredited institution in Computer Science, Information Technology or a related discipline, or equivalent experience/combined education, with some relevant working experience and specialised training that is commensurate with the assignment.
- Must have Information Security Certifications commensurate with experience, i.e. CISSP, GCFA, GCIH, CHFI, SEC.
- Ability to travel (up to 50%); mostly in the United Kingdom, Europe and Middle East with occasional support to the United States
- Ability to obtain and maintain a UK Security Clearance
- Minimum 3 years Professional technical experience in the information security field.
- Minimum 2 years' experience working with security technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis.
- Minimum 2 years working with SIEM, Network Behavior Analysis tools, Antivirus, and Network Packet Analysers.
- Minimum of 2 years working in a SOC environment and/or experience evaluating large corporate enterprise networks and cyber security organisations
- Minimum 1 years' experience working with Digital Forensics tools in an Enterprise environment.
- Minimum 1 years conducting Cyber Incident Response activities in an Enterprise environment.
- Advanced knowledge of the Incident Response lifecycle.
- Advanced Knowledge of the TCP and IP protocol suite, security architecture, DNS and remote access security techniques and products.
- Prior experience working with the Cyber Kill Chain® and similar frameworks and concepts.
- Ability to work autonomously as well as contribute in a team and professional environment.
- Ability to effectively manage multiple, concurrent activities, while understanding and managing priorities, dependencies and risk.
- Strong communication (verbal and written) and interpersonal skills.
- Strong focus on customer service and outcome.
- Proven ability to adapt and maintain a flexible approach to changing needs or priorities.
- Strong reporting and analytical skills with attention to detail.
- Strong problem-solving skill with the ability to resolve complex technical issues.
- High level of initiative and self-motivation.
If you are interested in applying for this role please click the APPLY button below.