CIRT Analyst

Job Title: CIRT Analyst
Contract Type: Permanent
Location: Bristol, United Kingdom
REF: 1413
Contact Name: Sam Page
Job Published: over 1 year ago

Job Description


£neg depending on experience


Our client is a global high-tech company and one of the key players in Aerospace, Defence and Security. Our client is the largest inward investor in the UK defence sector, and one of the biggest suppliers of defence equipment to the UK MoD.


Headquartered in Europe, they have over 45,600 employees. With its offices and industrial plants, the Company is present at 180 sites worldwide, in addition to strategic partnerships in the most important high-potential international markets.


What’s in it for you?

  • 25 days holiday plus bank holidays
  • Award-winning pension scheme
  • Flexible working and additional flex-leave schemes
  • Salary sacrifice schemes including childcare voucher scheme
  • Generous relocation package
  • Onsite Occupational Health Service
  • Onsite shops and restaurant facilities
  • Employee discount schemes
  • Learning & Development budgets
  • Career break scheme
  • Reserve Forces support


Job Description

Our client is looking to recruit Incident Response Specialists with demonstrable experience in planning for, analysing and responding to significant security events. As a member of the CIRT team, you will be responsible for responding to compromised assets within our customer environments, both remotely and by rapid deployment as required.


Relevant Skills

A strong analytical competency is required for this role. Candidates should be able to:

  • Demonstrate a minimum of 3+ years of enterprise level networking experience
  • Demonstrate a minimum of 3+ years of enterprise level Windows platform experience
  • Demonstrate a minimum of 2+ years of enterprise level Linux experience
  • Demonstrate a minimum of 2+ years of enterprise level Intrusion Detection experience (such as SNORT, Bro or Suricata), which must include packet level analysis
  • Demonstrate experience with coding & scripting languages


Key Responsibility Areas

  • Contribute to the ongoing development of the Incident Response capability
  • Respond to compromised assets across our customer base (remotely or by site deployment)
  • Conduct research into the latest tools, techniques and procedures within the Incident Response industry (including what the bad guys are up to)
  • Management, use and analysis of network forensic events from Network Based Intrusion Detection Systems
  • Use and analysis of events from Host Based Intrusion Detection Systems
  • Deployment, configuration and maintenance of network security appliances and networking devices and associated management software
  • Knowledge in the use of a variety of Security Event generating sources (Firewalls, IDS, Routers, Security Appliances)
  • Network, system and application level troubleshooting techniques
  • Security tools (Vulnerability Assessment, Anti-Virus, Protocol Analysis, Anti-Spyware, etc)
  • Conduct intelligence-led investigations
  • Conduct host-based forensic investigations using tools such as EnCase, Access-Data or X-Ways
  • Conduct compromise assessments using network, log and host data
  • Present findings in a clear and articulate manner to non-technical audiences


Skills, Qualifications & Knowledge Required

  • Educated to degree level in an IT Security related discipline and/or equivalent experience within Information Technology
  • Desirable to have one or more professional certifications in relevant security disciplines such as GIAC


Intrinsic Factors

  • Must be eligible to meet SC clearance requirements
  • Some travel for incident response purposes required
  • Join rota for out of hours on call incident response



For immediate consideration and a confidential conversation please contact Sam Page.

01908 88 60 37