Cyber Defence Analyst
- GardPass Consulting
- Rate is negotiable (subject to experience)
- Closing date
- 3 Feb 2023
- Clearance Level
- DV, SC
- Administration / Secretarial, Aerospace, Biotechnology, Central Government, Consultancy, Cyber Security, Defence, Digital Forensics, Engineering, Information Technology, Intelligence, Logistics, Nuclear, Policing, Public Sector, Scientific, Security, Space, Telecommunications, Counter Terrorism, Investigation, Surveillance, Marine
- Job Type
DV cleared (SC will be considered if DV application ongoing) full-time role based at customer Site (no work can be done off-site)
The Authority’s environment Cyber Defence Analyst will join a rapidly growing security team responsible for designing, delivering and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks in order to identify internal and external cyber-threats/attacks. This position involves a broad range of skills, including the development and mentoring of the Level 2 Analyst, monitoring networks to actively remediate unauthorised activities.
• Develop and integrate security event monitoring and incident management services.
• Respond to security incidents as they occur as part of an incident response team.
• Implement metrics and dashboards to give visibility of the Enterprise infrastructure.
• Assist with the leadership of a composite cyber response team during incidents and investigations
• Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools.
• Produce documentation to ensure the repeatability and standardisation of security operating procedures.
• Develop additional investigative methods using the Authority’s environment’s software toolsets to enhance recognition opportunities for specific analysis.
• Maintain a baseline of system security according to latest threat intelligence and evolving trends.
• Participate in root cause analysis of incidents in conjunction with analysts and engineers across the enterprise.
• Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices.
• Offer strategic and tactical security guidance including valuation requirement of technical controls.
• Be part of the CRM process
• Liaise with the Authority’s environment’s Level 3 engineers to maintain up-to-date dashboards of security alerts, to allow the Authority to better respond to an incident.
• Document, validate and create operational processes and procedures to help develop the Authority’s environment.
• Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources.
• Build, install, configure, and test dedicated cyber defence hardware.
• Support Level 1 Analysts to manage Authority’s environment’s systems.
• Previous experience of Enterprise ICS/network architectures and technologies
• Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning.
• Experience as a mentor/coach to junior analysts
• Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks
• Skilled in maintaining Microsoft directory services.
• Skilled in using virtualisation software.
• Knowledge of key security frameworks (e.g. ISO, NIST 800-53)
• Excellent communication skills
• Experience of writing Defence/Government documentation
• Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent)
• Experience of managing cyber incidents and investigations
• SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent)
• Advanced Analyst Course (SANS SEC503 or equivalent)
We constantly remind ourselves that people come first, so we have a commitment to providing an excellent personal service to our clients and candidates with the know-how to save you from wasted time and disappointment.
Our clients come from all commercial and industry sectors and, in particular, we have expertise in sourcing candidates in the land, marine, air, weapons, electronics, communications, avionics and cyber security domains.
GardPass Consulting bring a discerning approach to the resolution of both organisational recruitment requirements and individual career aspirations.
Mobilising and placing individuals and large teams on a global basis at speed in complex situations is one of our specialities. We offer a wealth of experience and expertise in supplying project personnel on a worldwide basis, backed-up by a huge network of qualified, experienced professionals (many of them security-cleared at various levels). Many of our candidates have worked with us on several projects – often for the same client, by request.
- +44 7939 073902
Pendragon House, 65 London Road
Get job alerts
Create a job alert and receive personalised job recommendations straight to your inbox.Create alert