About the Role:
You’ll play a pivotal role in safeguarding our digital assets from cyber threats as a Senior Cyber Security Analyst. Join a dynamic team and contribute to implementing effective cyber security controls while maintaining a vigilant incident detection and response capability.
Key Responsibilities:
1. SIEM Enhancement: Integrate new data sources and asset types into our SIEM / logging solutions to enhance our threat detection capabilities;
2. Threat Analysis: Analyse the latest malware and vulnerability discoveries to continuously strengthen security defences;
3. Detection Rule Optimisation: Fine-tune existing detection rules to maximise our ability to detect and respond to threats efficiently;
4. Automation Focus: Develop advanced detection rules and capabilities with a focus on automating defence mechanisms where feasible;
5. Response Strategy Development: Create playbooks and response strategies for detection rules to streamline incident response efforts;
6. Threat Intelligence Utilisation: Enhance the utilisation of threat intelligence within Security operations to stay ahead of emerging threats;
7. Threat Hunting Support: Provide support to our existing threat hunting program within Security operations to proactively identify and mitigate threats;
8. Incident Response: Assist in all incident response efforts, ensuring swift and effective response to security incidents while maintaining incident response tools and processes; and
9. Post-Incident Review: Participate in post-incident reviews and initiatives to strengthen preventative or detective controls based on lessons learned.
About You:
1. Relevant Experience: Ideally you will come from an IT background (education and career history) and have progressed from an IT role into a security-focused role, with at least 5 years in a security role;
2. Technical Proficiency: Proficient in scripting languages such as PowerShell, Python and Bash, and experienced in Splunk administration and Search Processing Language;
3. Platform Familiarity: Familiar with Windows / Linux / Unix and Azure administration. Sound operational knowledge and experience with using security technologies and controls, which include Firewalls, SIEM, EDR, Proxy, WAF, Identity & Access Management, Vulnerability Management, penetration testing, IDS / IDP and PKI;
4. EDR and Incident Response: Skilled in EDR tool administration and security incident response, with a strong understanding of the MITRE ATT&CK and D3FEND frameworks; and
5. Communication Skills: Excellent communication skills, with the ability to manage relationships with internal and external stakeholders effectively.
The role will grow into you becoming a Trusted Advisor to the whole business in the area of Security Operations. It is a position that offers a great deal of career progression, with an employer that looks after its people.
For more information please call Alex Hill at u&u on 07 3232 9155, quoting reference number 35676. Alternatively, to submit an application please click the apply button.
Please submit your resume in Word format only.