Cyber Security Event Analysts
£neg depending on experience
Our client is a global high-tech company and one of the key players in Aerospace, Defence and Security. Our client is the largest inward investor in the UK defence sector, and one of the biggest suppliers of defence equipment to the UK MoD.
Headquartered in Europe, they have over 45,600 employees. With its offices and industrial plants, the Company is present in 180 sites worldwide in addition to strategic partnerships in the most important high potential international markets.
What’s in it for you?
- 25 days holiday plus bank holidays.
- Award-winning pension scheme
- Flexible working and additional flex-leave schemes
- Salary sacrifice schemes including childcare voucher scheme
- Generous relocation package
- Onsite Occupational Health Service
- Onsite shops and restaurant facilities
- Employee discount schemes
- Learning & Development budgets
- Career break scheme
- Reserve Forces support
Our client is looking to recruit Junior and Senior Security Event Analysts, looking for individuals with varying degrees of experiences in the analysis and handling of security events. The Analysts are responsible for the day-to-day identification of security related events with both day-based roles and shift-based roles available.
The successful candidates will be required to use their experience in the analysis and handling of security events across a range of different customers and technologies. The role requires a high level of experience in a minimum of one key cyber security technology area, along with a working level experience across a broad selection of other cyber security technologies. Example technology areas include SIEM, NIPS, NIDS, HIDS, HIPS, Computer Forensics tools, Vulnerability Assessment tools, Firewalls, Incident Response or malware analysis. The successful candidate must be a proactive & diligent team player with strong technical abilities.
Key Responsibility Areas
- Security Information Event Management (SIEM) analysis and operation (especially with the configuration, operation, troubleshooting, and management)
- Management, use and analysis of events from Network Based Intrusion Detection Systems (NIDS)
- Management, use and analysis of events from Host Based Intrusion Detection Systems (HIDS)
- Deployment, configuration and maintenance of network security appliances and networking devices and associated management software
- Knowledge in the use of a variety of Security Event generating sources (e.g. Firewalls, IDS, Routers, Security Appliances)
- Network, system and application level troubleshooting techniques
- Computer security tools (Vulnerability Assessment, Anti-virus, Protocol
- Analysis, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.)
Skills, Qualifications & Knowledge Required
- A good analytical competency is required for this role. Candidates should be able to:
- Analyse diverse sources of information;
- Break information into component parts, patterns and relationships;
- Probe for further information or greater understanding of a problem;
- Make rational judgement from the available information and analysis;
- Produce workable solutions to a range of problems and demonstrate an understanding of how one issue may be a part of a much larger system.
- Knowledge and understanding of information technology concepts and technologies
- Knowledge of computer systems hardware and software
- Knowledge of networking and troubleshooting using the OSI 7-layer model
- Experience with TCP/IP, Linux, UNIX, Windows, IP Routing
- Knowledge of Information Security core concepts.
- Software engineering, programming or scripting knowledge such as Java, .net, Python or shell scripting.
- Educated to degree level in an IT related discipline or equivalent experience within Information Technology (minimum 4 years).
- Desirable to have one of more professional certifications in security disciplines such as SANS
- Experience of working within a team environment or on a project with multiple participants.
- Analysis and troubleshooting experience.
- Experience of working in Network Operations Centres (NOCs).
- Ability to communicate clearly with team members and other analysts.
- Experience in an ITIL and/or ISO27001 environment.
- Be Eligible for SC Clearance
- Occasional Travel required
For immediate consideration and a confidential conversation please contact Sam Page.
01908 88 60 37