Senior Security Analyst – Worcestershire
Work as a senior member of a team working shifts to provide 24x7x365 delivery of intrusion detection/analysis services.
- Work independently, applying in-depth knowledge and experience to deliver time critical, customer focused protective monitoring services; advising and recommending on defensive strategies.
- Provide effective leadership for shift teams; directing and guiding work and providing mentorship of junior members of staff acting as a local Subject Matter Expert in the Cyber Security domain.
- Perform in-depth and advanced analysis (e.g. forensic analysis and malware reverse engineering) of complex and non-routine escalated security-related events; drawing on the expertise of other Analysts and external resources as required.
- Manage escalated security-related events, making rapid evidence-based decisions on how to respond based on the extent and severity of the intrusion; drawing on knowledge of threat actors, including their motivation, infrastructure and capabilities.
- Demonstrate advanced knowledge of business processes, internal control risk management, IT controls and related standards.
- Identify and mitigate business risks associated with projects.
- Proactively contribute to SOC strategy by refining processes and procedures; ensuring they align with client and wider organisational requirements.
- Actively maintains awareness of developments in the intrusion analysis, incident response and information security fields.
- Has a working understanding of common Intrusion Analysis models (e.g. Cyber Kill Chain®) and can apply them to enhance analysis and reporting.
- In depth understanding of TCP, UDP, IP, ICMP, ICNP, IPv4, IPv6, HTTP, HTTP(S), SMTP, POP3, and DNS. Demonstrates fundamental knowledge of IRC, DHCP, FTP, SMB, SNMP.
- Strong knowledge of security technologies such as SIEM, NIDS/NIPS, HIDS/HIPS, Endpoint protection suites including strengths, weaknesses and flexibility of deployment.
- Good programming or scripting skills confidently conducting Bash shell scripting, Perl and C++, Microsoft Powershell Scripting, and Python programming.
- Advanced knowledge of current threat landscape and a good understanding of malware operations, indicators, and known examples of APTs.
- Ability to identify developing patterns and trends in data.
- Awareness of regulatory environment, laws, and standards.
- Good understanding of technology and actively maintains awareness of developments in the intrusion analysis, incident response and information security fields.
- Good working understanding of common Intrusion Analysis models, and can readily apply them.
- Able to communicate cyber security analysis results to technical and non-technical management/governance stakeholders, facilitating collaboration and decision making as necessary.
- Demonstrates effective communication skills with colleagues, including the ability to handover work to oncoming shift personnel.
- Good client interaction (over telephone and e-mail communication) including prompt and comprehensive client reporting.
Experience and Qualifications
- A Bachelor’s Degree in Computer Science, Computer Networks, Information Security or other related technical discipline or equivalent experience.
- Extensive experience working in IT.
- Experience within an information security discipline, with experience in a Security Operation Centre (SOC) environment
- Network security experience, including experience in network architecture, host, data and/or application security in multiple operating system environments.
- Qualifications within the IT Security field such as Cisco Certified network Professional Security (CCNP Security), SANS Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), Malware Analysis, Certified Information Systems Security Professional (CISSP)
- Experience of leading/supervising teams
- Experience working with a range of productivity software such as Microsoft Word and Excel
- Strong programming skills
- Advanced experience of computer operating systems, such as Linux and Windows
- Experience with overlay tunnels, VPNs, and network routine.
- CREST Registered Intrusion Analyst
- Knowledge and experience of penetration testing tools and techniques.
Forward your CV, along with a brief covering letter to Samuel.email@example.com to find out more.
01908 886 037