Connecting linkedin

Incident Response Analyst

  • Location

    Hampshire, Hampshire

  • Sector:

    Information Security

  • Job type:

    Contract

  • Salary:

    £650 - £750 per day

  • Contact:

    Bonnie Chuong

  • Contact email:

    bonniec@montash.com

  • Salary high:

    750

  • Salary low:

    650

  • Job ref:

    INCID

  • Published:

    almost 2 years ago

  • Duration:

    12 months

  • Expiry date:

    2016-08-29

  • Startdate:

    ASAP

Cyber Incident Response Analyst
Location: Hampshire
Salary/Rate: Up to £750 a day - 12 month contract

Montash has been retained by a multinational financial services based in Hampshire for an experienced Cyber Incident Response Analyst to sit within the Cyber Security Incident & Response Team. The team is currently responsible for the delivery of security monitoring for my client's I.T. infrastructure/ services and acts as a first responder to Cyber Security incidents.

The role will cover a rotating 24 x 7 pattern.

This will involve identifying security events, incident response [1st and 2nd line], performing root cause analysis and then resolution or escalating to the Digital Forensics & Investigation Response Team or the appropriate resolver group. It will also assist in the customisation of my client's reporting tools to ensure the company's systems are monitored and alerts.

Key Responsibilities

  • To provide mentoring and support for shift security analysts.
  • Incident handling of security events affecting the network.
  • Vulnerability assessment, reporting and escalation.
  • Conduit for DFIR escalations and resolutions.
  • Highlighting and managing evolving security threats and Indicators of Compromise.
  • Developing new methods to detect security events.
  • Triage events to correctly identify breaches of security policy.
  • Analyse security operations performance to drive continuous improvement.
  • Interface between all stakeholders to explain issues, priorities and steps required to reach resolution.
  • Working in liaison with DFIR for delivery of e2e projects that require security monitoring.
  • Drafting/approving technical documentation to support the delivery of CSIRT services.

Desired Experience

  • This role requires a broad understanding and demonstrated practical experience which includes the following:
  • Strong SIEM skills ideally with RSA Security Analytics, including content creation and analysis.
  • Strong Intrusion Detection skills ideally with McAfee IDS/IPS and Netwitness.
  • Knowledge and understanding of security monitoring, prevention and control systems including Anti-Virus, Web Proxies and Security Software.
  • Ideally educated to Degree standard or qualified in an IT security related subject (e.g. CISSP, GCIA, GCIH) or equivalent experience.
  • Excellent written (Excel, Word, Visio, MS Project) and oral communication skills.
  • Must have understanding of network architecture; general database concepts; document management; hardware and software troubleshooting; electronic mail systems, such as Exchange.
  • Strong and demonstrable experience across a wide variety of technology disciplines and deep understanding of Cisco devices, Microsoft Windows, Solaris, AIX and Linux.
  • Good understanding of middleware and application server products.
  • Ability to investigate and learn new technologies quickly.
  • Excellent numerical, logical and analytical skills.
  • Preferable prior experience in large / blue chip organisations and ideally, financial services experience (particularly in payments).
  • Familiar with industry standard methods, and security practices CIA, AAA etc
  • Good understanding of protocols/technologies including SSH, SSL, PKI, VPN, HTTP, RDP etc.
  • Worked with industry standard processes relating to service, change management and governance, such as ITIL incident and change management, Prince, Patch Management, Data Centre processes, PCI DSS, SAS70 and COBIT / COSO based controls.
  • Broad and demonstrable experience of working with a diverse set of stakeholders, applying technology capability for business benefit.

If you're interested in this role - please apply now!