Connecting linkedin

Incident Response Analyst

  • Location

    Basingstoke, Hampshire

  • Sector:

    Information Security

  • Job type:

    Contract

  • Salary:

    £650 - £750 per day

  • Contact:

    Clara Grace Moretti-Greene

  • Contact email:

    claram@montash.com

  • Salary high:

    750

  • Salary low:

    650

  • Job ref:

    IR12

  • Published:

    almost 2 years ago

  • Duration:

    3 Months

  • Expiry date:

    2017-02-15

  • Startdate:

    ASAP

Cyber Incident Response Analyst

Day Rate: £650-£750

Location: Basingstoke

Contract Length: initially 3 months

Immediate requirement for a Cyber Incident Response Analyst to work with a Global Financial Organisation based in Basingstoke. The Cyber Incident Response Analyst is a role within the Cyber Security Incident & Response Team.

The role will be shift based at Basingstoke and will cover a rotating 24 x 7 pattern.

This will involve identifying security events, incident response [1st and 2nd line], performing root cause analysis and then resolution or escalating to the Digital Forensics & Investigation Response [DFIR] Team or the appropriate resolver group. It will also assist in the customisation of our reporting tools to ensure the systems are monitored and alerts managed in line with policy and industry best practice.

Key Activities

  • To provide mentoring and support for shift security analysts.
  • Incident handling of security events
  • Vulnerability assessment, reporting and escalation.
  • Conduit for DFIR escalations and resolutions.
  • Highlighting and managing evolving security threats and Indicators of Compromise.
  • Developing new methods to detect security events.
  • Triage events to correctly identify breaches of security policy.
  • Analyse security operations performance to drive continuous improvement.
  • Interface between all stakeholders to explain issues, priorities and steps required to reach resolution.
  • Working in liaison with DFIR for delivery of e2e projects that require security monitoring.
  • Drafting/approving technical documentation to support the delivery of CSIRT services.

MUST HAVE EXPERIENCE WITH THE STANDARS - SIEM, Remedy RSA, McAfee, IDS/IPS

Key Words

DFIR / SIEm / Remedy RSA . McAfee / IDS / IPS / 1st line support / 2nd line / 3rd line / RCCS Information security / RSA Security analytics / Cisco /