Incident Response Security Analyst

Job Title: Incident Response Security Analyst
Contract Type: Permanent
Location: Cheltenham, United Kingdom
REF: 1137
Contact Name: Sam Page
Contact Email:
Job Published: almost 2 years ago

Job Description

Incident Response – Senior Analyst

Cheltenham – Up to £60k

This is a world-leading group of businesses operating in the defence and aerospace, security and cyber, transport and energy markets. The Cyber Security Group is responsible for providing sophisticated IT security protection to all companies within the group. This involves identifying and responding to cyberattacks, typically from the Internet. 

Job Purpose

The Cyber Group provides Cyber Security across the Group using sophisticated means to detect and manage technical security incidents as they occur. There are presently opportunities for Incident Response (IR) analysts to join this team. 

As a senior analyst you will be responsible for monitoring identifiers and suspect activity that indicates a potential security incident. This will make use of Intrusion Prevention Systems, Vulnerability Scanning tools and Malware Forensics. You will be an expert in IR with a deep understanding of real-world APT tools, tactics and procedures and be able to quickly determine the nature of the threat and deliver the appropriate response. The role is based in newly refurbished offices in Cheltenham.

Key Responsibilities  

  • Performing in-depth forensic analysis on volatile memory or host images to identify indicators of compromise and production of subsequent actionable threat intelligence. 
  • Experience with network analysis tools and an ability to conduct packet capture analysis.
  • Excellent understanding of networking principles including TCP/IP, DNS etc. and commonly used Internet protocols such as SMTP, HTTP etc.
  • Operating systems and system administration skills in either Windows/Solaris/Linux
  • Knowledge of Intrusion Detection Systems and methods of security hacking/penetration testing
  • Knowledge of malware analysis and resources relating to exploit kits, techniques and CVEs
  • Working knowledge of at least one scripting language (Python, PHP, etc.)
  • Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)


Background and Understanding

  • At least 3 years' previous experience as a Security Analyst
  • Proven experience of intrusion detection and vulnerability analysis 



For more information and a confidential chat please contact Sam Page at identifi Global.

01908 88 60 37