Incident Response – Senior Analyst
Cheltenham – Up to £60k
This is a world-leading group of businesses operating in the defence and aerospace, security and cyber, transport and energy markets. The Cyber Security Group is responsible for providing sophisticated IT security protection to all companies within the group. This involves identifying and responding to cyberattacks, typically from the Internet.
The Cyber Group provides Cyber Security across the Group using sophisticated means to detect and manage technical security incidents as they occur. There are presently opportunities for Incident Response (IR) analysts to join this team.
As a senior analyst you will be responsible for monitoring identifiers and suspect activity that indicate a potential security incident. This will make use of Intrusion Prevention Systems, Vulnerability Scanning tools and Malware Forensics. You will be an expert in IR with a deep understanding of real-world APT tools, tactics and procedures and be able to quickly determine the nature of the threat and deliver the appropriate response. The role is based in newly refurbished offices in Cheltenham.
- Performing in-depth forensic analysis on volatile memory or host images to identify indicators of compromise and produce subsequent actionable threat intelligence.
- Experience with network analysis tools and an ability to conduct packet capture analysis. Excellent understanding of networking principles including TCP/IP, DNS etc. and commonly used Internet protocols such as SMTP, HTTP etc.
- Operating systems and system administration skills in either Windows/Solaris/Linux
- Knowledge of Intrusion Detection Systems and methods of security hacking/penetration testing
- Knowledge of malware analysis and resources relating to exploit kits, techniques and CVEs
- Working knowledge of at least one scripting language (Python, PHP, etc.)
- Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)
Background and Understanding
- At least 3 years' previous experience as a Security Analyst
- Proven experience of intrusion detection and vulnerability analysis
For more information and a confidential chat please contact Sam Page at identifi Global.
01908 88 60 37