*SC Cleared.* Security Information/Security Administration Specialist

GB  ‐ Onsite
This project has been archived and is not accepting more applications.

Description

Location: Remote/Hampshire, United Kingdom

Rate: Negotiable dependent on experience

Duration: 24 months

Costello & Reyes Group has been engaged by our client, a central Government body, to identify an experienced Security Administrator/Security Information Specialist who is able to manage delivery on the following:

KEY DELIVERABLES

The high-level deliverables for the service:

  • Build/Develop Use Cases - Develop use cases and facilitation, threat modelling and translation of operational requirements into the SOC SIEM tool. Focus on insider threat and Data Loss Prevention use cases to demonstrate the process used by SOC analysts.
  • Cyber incident response plan - Develop the Cyber Incident Response Plan in line with NIST and SANS guidance and incorporating the wider teams. Create supporting documentation and guidance for resolver group support.
  • SOC Roadmap development - Develop SOC in line with recommendations from the previous years' report with focus on SOC reaching its required maturity level of 3.
  • IaaS, PaaS and SaaS On-boarding - Work with wider development teams and develop process for log on-boarding and develop costing model for SOC.
  • 'Official O' and 'Software Design Life Cycle SDLC' scope out - Review network diagrams of both environments and prioritise log on-boarding into the SOC SIEM tool. Break the work down into workable project sizes and raise CRQs with dependent teams for on-boarding.
  • Develop SOC BCDR - Review existing documentation for the SOC BCDR and develop a process/plan that feeds into the wider process.
  • Cyber Incident Investigation/Escalation - Reviewing event channels and certificates and identifying issues for escalation to different teams.
  • Training and development - Mentor the existing SOC team and develop playbooks and training and development content to enable quick upskilling of new starters to the SOC.

ESSENTIAL SKILLS AND EXPERIENCE

  • Strong knowledge of Cyber Security, with a focus on operational security, such as security monitoring and alerting, vulnerability management and incident response.
  • Producing supporting security documentation in coordination with stakeholders.
  • A good, all-round knowledge of IT systems and Networking.
  • Experienced in both updating and creating operational security processes and procedures.
  • Comprehensive experience of working in Security Operations Centres (SOC), with additional knowledge and experience to support junior colleagues within the SOC.
  • Effective communication skills, being able to deliver technical conversations and presentations to a range of different stakeholders.
  • Network and application security and architecture, incident response, forensic investigation and business continuity management.
  • Knowledge of various Cyber Security Frameworks, Data Protection and bulk data controls.
  • Hands-on experience with security tooling such as SIEM and EDR solutions. Technical ability to operate them from both an analyst and engineering perspective (monitoring, Use Case and content creation, upgrades and troubleshooting).
  • SFIA Level 4/5 Experience

Desirable skills and experience:

  • Professional certification such as GIAC GCIH, CISSP, CISM or ISO 27001.
  • Experience working in a Governmental environment.
  • Experience in managing and/or mentoring technical personnel.
  • Knowledge of on-boarding new log sources into a SOC for security monitoring, while exploring relevant Use Cases for the respective log sources.
  • Able to provide evidence of capability in terms of professional memberships, training, qualifications/certifications and above all examples of prior work and experience that is relevant to the role.
  • Candidates must be free of any commercial ties or obligations to any hardware or software vendors.
  • It is desirable that candidates have a current, working knowledge of Central Government systems and networks and have evidence of previously providing services to a government authority or security services.

Should you be interested in the above position, please feel free to submit your CV and call for further information.

All candidates will need to have current SC Clearance

Costello & Reyes Group Limited is one of the UK's leading providers of recruitment advice and services and acts as a recruiter on behalf of our client.

Start date: n.a

From: Costello & Reyes Group Limited

Published at: 22.04.2021

Project ID: 2096326

Contract type: Freelance