Cyber Defence Analyst - DV Cleared

West Midlands  ‐ Onsite
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Keywords

Safety Principles Infrastructure Management Security Information and Event Management Architecture Automation Customer Relationship Management Case Management CompTIA A+ Computer Security Elasticsearch Incident Response Supervisory Control and Data Acquisition (SCADA) Incident Management Network Architecture Requirements Analysis Risk Analysis Security Managing System Safety Virtualization Root Cause Analysis Metrics National Institute of Standards and Technology (NIST)

Description

As a Cyber Defence Analyst with active developed vetting security clearance; you will join an established security team responsible for designing, delivering, and maintaining operational cybersecurity capabilities. Conducting pro-active, risk-based, protective monitoring on priority C4IS/networks to identify internal and external cyber-threats/attacks.

Responsibilities:

  • Develop and integrate security event monitoring and incident management services.
  • Respond to security incidents as they occur as part of an incident response team.
  • Implement metrics and dashboards to give visibility of the Enterprise infrastructure.
  • Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools.
  • Produce documentation to ensure the repeatability and standardisation of security operating procedures.
  • Develop additional investigative methods using the SOC's software toolsets to enhance recognition opportunities for specific analysis.
  • Maintain a baseline of system security according to latest threat intelligence and evolving trends.
  • Participate in root cause analysis of incidents in conjunction with engineers across the enterprise.
  • Provide Subject Matter Expertise (SME) on a broad range of information security standards and best practices.
  • Offer strategic and tactical security guidance including valuation requirement of technical controls.
  • Be part of the CRM process
  • Liaise with the SOC engineers to maintain up-to-date dashboards of security alerts, to allow the organisation to better respond to an incident.
  • Document, validate and create operational processes and procedures to help develop the SOC.
  • Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources.

Skills/Experience:

  • Elastic Stack proficiency.
  • Previous experience of Enterprise ICS/network architectures and technologies.
  • Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning.
  • Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks.
  • Skilled in using virtualisation software.
  • Knowledge of key security frameworks (eg ISO, NIST 800-53).
  • Ability to document and report security incidents clearly and concisely.
  • Experience of writing Defence/Government documentation.
  • Creation, development and management of security alert dashboards.

Desirable Qualifications:

  • Broad Spectrum Cyber Course (CompTIA Sec+, SANS SEC401 or SEC501 or equivalent)
  • SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent)

If you feel you have the skills and experience needed for this role; please do apply now.

Start date
ASAP
Duration
until 31st March 2025
From
Parker Shaw
Published at
13.09.2024
Project ID:
2795859
Contract type
Freelance
To apply to this project you must log in.
Register