Job Description: Principal Duties / Responsibilities:
- Tier 2 Analyst, Cyber Defence Center.
- 5 to 8 years of hands-on experience working in a Security Operations Centre (SOC) or similar.
- Ensuring timely response to any cyber incident to minimise risk exposure and production downtime.
- Safely acquiring cyber security data required for incident analysis and preserving its integrity, to help determine the technical and operational impact, root cause(s), scope and nature of the incident.
- Sysadmin skills (Linux / Windows) and programming or scripting skills (PowerShell or Python).
- Detecting emerging threats based upon analysis, data feeds and sources (internal & external intelligence sources).
- Engaging with IT functions to ensure alerts are actioned appropriately and in a timely manner.
- Working within the team and the wider Information Security group to build new tools for intelligence gathering.
- Building and maintaining senior management dashboards to provide a clear understanding of team activities and threat landscape.
- Active cyber threat hunting, providing recommendations to optimise cyber security based on threat hunting discoveries.
- Reviewing asset discovery and vulnerability assessment data, and exploring ways to identify stealthy threats that may already be inside the network undetected, using the latest threat intelligence.
- Familiarity with data visualisation tools (e.g. Maltego) and penetration testing tools (e.g. Metasploit).
- Analysing and correlating incident data to develop a preliminary root cause and a corresponding remediation strategy.
- Evaluating target systems to analyse scan results, identify issues and recommend resolutions.
- Routinely developing and updating incident response playbooks to ensure response activities align with best practice, minimise gaps in response and provide comprehensive mitigation of threats.