Connecting to LinkedIn...

CIRT Analyst

Job Title: CIRT Analyst
Contract Type: Permanent
Location: Bristol, United Kingdom
REF: 1812
Contact Name: Jonny Duggan
Job Published: about 1 month ago

Job Description

CIRT Analyst


£NEG depending on experience


Our client is a global high-tech company and one of the key players in Aerospace, Defence and Security. Our client is the largest inward investor in the UK defence sector, and one of the biggest suppliers of defence equipment to the UK MoD.


Headquartered in Europe, they have over 45,600 employees. With its offices and industrial plants, the Company is present in 180 sites worldwide in addition to strategic partnerships in the most important high potential international markets.


Job Description


You’ll be joining our Security & Information Systems Division (S&IS), the division is a pivotal innovator, supplying safety through technology, to provide our customers with more efficient, safe and secure products and services, whatever their requirements may be.


The division is a world leader in safety-through-technology, providing tailored solutions for customers in public administration, public safety and security, critical infrastructure, services, transport, large companies, post and logistics.


S&IS (UK) is at the forefront of supplying technology and services for both civil and defence markets, in both the UK and around the world, to enhance the capabilities of its Customers and we need people like you!


You will be joining our highly skilled team at our Bristol site. This is a great opportunity to bring your talents and form an integral part of the company’s future. We can help you develop your skills and offer great opportunities to develop and grow, so why not join us!


As a CIRT Analyst within the SOC you will be responsible for providing incident response services to our clients, conducting threat hunting across available sources and conducting extensive research into new relevant cyber-attacks, malware and TTPs of threat actors to assist in providing best practice threat-led Security Operations and consultancy services. You will act as the subject matter expert for Network Investigations within the CIRT team, and will identify, contain and remediate cyber security incidents across large networks with support from other CIRT specialists.


The role would ideally suit a seasoned incident responder or cyber investigator with experience working with networking appliances. It would also suit a network administrator or architect looking to enter the field of incident response.


If that sounds like your thing, here’s a few of the great things you can expect when you join the team.


Benefits and Working Environment


We offer fantastic opportunities for learning, development and professional growth. Your career will be massively varied. Learning on the job isn’t just a benefit – it’s a must!


At the company, we believe that our employees work best when they are able to achieve balance between work and other aspects of life and so that you can enjoy the great city of Bristol! That’s why we are committed to designing policies and developing a working environment that promote the benefits and well-being of all our employees.


We want to support you and encourage you to fulfil your potential through:


  • Flex-leave schemes: We offer our employees the time and flexibility they need to enjoy a balanced life.
  • Annual leave: We offer 25 days holiday plus 8 bank holidays.
  • Supportive relocation package: to make your move to Bristol even more attractive
  • Learning & Development: We help assess your development needs in line with the role you wish to perform, and allow you to further develop your knowledge.
  • Award-winning pension scheme: Our multi-award-winning pension scheme includes generous employer contribution.
  • Employee discount schemes: We offer you and your family an attractive range of discounts from retail and cinema to hotel bookings and vehicles benefits.
  • Reserve Forces: We provide positive support to the Reserve Forces and allow employees who are Reservists to take additional time off.
  • Generous relocation package: We offer an excellent package to ease the move for people relocating for work.
  • Maternity leave: We have very flexible working arrangements and advantageous Maternity Policy
  • Paternity, parental, adoption and dependent leave: We care to ensure that we consider every aspect of your needs. All these policies are covered as part of our Work-Life Balance Policy.
  • Free parking: This is available on or near all our sites.
  • Salary sacrifice schemes including childcare voucher scheme: We encourage working parents to save money on childcare by offering them several advantageous facilities and vouchers.
  • Career break: Where appropriate, we support our employees in pursuing other interests outside the workplace.


Key Responsibility Areas


So let’s get down to what you will do!


  • Report directly to the Senior CIRT Analyst, supporting the professional delivery of all CIRT services
  • Act as the subject matter expert for computer networking and be the primary responder for network investigations.
  • Advise on how to best respond to any given incident.
  • Advise on how to best implement mitigation measures which might prevent or limit future incidents.
  • Provide expert cyber knowledge to clients and to the internal team.
  • Conduct threat hunting across available security devices, focusing on network monitoring appliances.


Skills, Qualifications & Knowledge Required


  • We are looking for a motivated self-managed individual who is willing to help design and adapt a constantly evolving service; someone who can demonstrate above average analytical skills and liaise professionally with peers and customers.


These additional skills will also help:


  • Excellent technical knowledge of common networking and routing protocols (e.g. TCP/IP), services (e.g. TLS, DNS, SMTP) and how they interact to provide network communications, packet-level analysis, firewall administration, network appliance log analysis, network intrusion detection and protection systems, Snort rule creation and maintenance.
  • Hands-on experience with popular network, vulnerability assessment and penetration testing tools including Wireshark, Metasploit, Nessus and Snort.
  • Some knowledge of Cyber Security Incident Response processes and procedures.
  • Able to communicate technical information to non-technical audiences.
  • Hands-on experience with both commercial and open source network security appliances including Niksun, PfSense, Security Onion.
  • Knowledge of host-based investigations including digital forensic principles and practices.
  • Experience in winning commercial bids and delivering technical services.
  • Experience developing commercial cyber security services.
  • Knowledge or experience in Penetration Testing.
  • Practical programming knowledge or experience in Python.


For immediate consideration and a confidential conversation please contact Jonny Duggan.

01908 886 038