Cyber Security Intrusion Analyst - Security Cleared

England  ‐ Onsite
This project has been archived and is not accepting more applications.

Description

Cyber Security Intrusion Analyst - Security Cleared!
Duration: 3 months initially
Pay rate: £800/day (Inside IR35/Umbrella)
Location: Fully Remote

PLEASE NOTE MY CLIENT ARE ONLY ACCEPTING CANDIDATES WHO ARE ACTIVELY SC CLEARED

Role Description:

- Major Incident Management - Participating in major incidents, either as lead or an involved party to ensure efficient resolution of major incidents and delivering appropriate communications and ticket management as per major incident processes. Participating in any resulting incident review or lessons learned sessions. Reviewing and leading investigations within the CDOC team, escalated from more junior incident handlers.
- Cloud Architecture Review - participating in the review and familiarisation with architecture diagrams provided by technology teams that the CDOC intends to support, in order to understand logs or systems of particular interest for security monitoring and threat modelled onboarding to the CDOC SIEM; or where existing security controls may be deficient.
- Technical Security Reporting - supporting the CDOC's efforts to engage with a wide range of stakeholders, generating requirements documentation or reporting on security deficiencies.
- Threat Hunting - Using available tools, logs, direct system access, etc., carrying out proactive work for the CDOC's customers to find cyber security issues based on an initial hypothesis, helping to identify security problems and improve the security posture of CDOC's customers.
- Content Development - playing an active role in the CDOC's Use Case Factory process, using a threat-led approach to improve and develop the content which drives the team's Protective Monitoring function. This could be through identifying and designing new content, conversion of threat hunts, tuning existing content or other improvements.

Skills:

Essential:
- Excellent written and verbal communication skills - able to present technical information to different types of stakeholders, gather required information from teams in fact-finding workshops, and write accurate, comprehensible requirements or reports.
- Experience working in technical cybersecurity consulting roles, SOC environment or equivalent Cyber Security role.
- Strong knowledge of Information Security & Cyber Security, Incident Handling, security tooling and common attacker techniques (SANS GCIH).
- Cloud technology experience
- Experience of cybersecurity incident response engagements
- Adaptability to support a fast-changing and dynamic project team.

Desirable:
- Cloud technology certifications (AWS and Azure - Solutions Architect or Security Specialist qualifications)
- Splunk Enterprise Security experience

If you are interested in this opportunity, please apply now with your updated CV in Word/PDF format.

Notwithstanding any guidelines given to level of experience sought, we will consider candidates from outside this range if they can demonstrate the necessary competencies.

Square One is acting as both an employment agency and an employment business, and is an equal opportunities recruitment business. Square One embraces diversity and will treat everyone equally. Please see our website for our full diversity statement.

Start date: 14/12/2020
Duration: 13 weeks
From: Square One Resources
Published at: 04.12.2020
Project ID: 2011122
Contract type: Freelance