Connecting to LinkedIn...

Connecting to LinkedIn...


Incident Response Analyst

Job Title: Incident Response Analyst
Contract Type: Contract
Location: Hampshire, Hampshire
Salary: £650 - £750 per day
Start Date: ASAP
Duration: 12 months
Contact Name: Bonnie Chuong
Contact Email:
Job Published: about 2 months ago

Job Description

Cyber Incident Response Analyst
Location: Hampshire
Salary/Rate: Up to £750 a day - 12 month contract

Montash has been retained by a multinational financial services based in Hampshire for an experienced Cyber Incident Response Analyst to sit within the Cyber Security Incident & Response Team. The team is currently responsible for the delivery of security monitoring for my client's I.T. infrastructure/ services and acts as a first responder to Cyber Security incidents.

The role will cover a rotating 24 x 7 pattern.

This will involve identifying security events, incident response [1st and 2nd line], performing root cause analysis and then resolution or escalating to the Digital Forensics & Investigation Response Team or the appropriate resolver group. It will also assist in the customisation of my client's reporting tools to ensure the company's systems are monitored and alerts.

Key Responsibilities

  • To provide mentoring and support for shift security analysts.
  • Incident handling of security events affecting the network.
  • Vulnerability assessment, reporting and escalation.
  • Conduit for DFIR escalations and resolutions.
  • Highlighting and managing evolving security threats and Indicators of Compromise.
  • Developing new methods to detect security events.
  • Triage events to correctly identify breaches of security policy.
  • Analyse security operations performance to drive continuous improvement.
  • Interface between all stakeholders to explain issues, priorities and steps required to reach resolution.
  • Working in liaison with DFIR for delivery of e2e projects that require security monitoring.
  • Drafting/approving technical documentation to support the delivery of CSIRT services.

Desired Experience

  • This role requires a broad understanding and demonstrated practical experience which includes the following:
  • Strong SIEM skills ideally with RSA Security Analytics, including content creation and analysis.
  • Strong Intrusion Detection skills ideally with McAfee IDS/IPS and Netwitness.
  • Knowledge and understanding of security monitoring, prevention and control systems including Anti-Virus, Web Proxies and Security Software.
  • Ideally educated to Degree standard or qualified in an IT security related subject (e.g. CISSP, GCIA, GCIH) or equivalent experience.
  • Excellent written (Excel, Word, Visio, MS Project) and oral communication skills.
  • Must have understanding of network architecture; general database concepts; document management; hardware and software troubleshooting; electronic mail systems, such as Exchange.
  • Strong and demonstrable experience across a wide variety of technology disciplines and deep understanding of Cisco devices, Microsoft Windows, Solaris, AIX and Linux.
  • Good understanding of middleware and application server products.
  • Ability to investigate and learn new technologies quickly.
  • Excellent numerical, logical and analytical skills.
  • Preferable prior experience in large / blue chip organisations and ideally, financial services experience (particularly in payments).
  • Familiar with industry standard methods, and security practices CIA, AAA etc
  • Good understanding of protocols/technologies including SSH, SSL, PKI, VPN, HTTP, RDP etc.
  • Worked with industry standard processes relating to service, change management and governance, such as ITIL incident and change management, Prince, Patch Management, Data Centre processes, PCI DSS, SAS70 and COBIT / COSO based controls.
  • Broad and demonstrable experience of working with a diverse set of stakeholders, applying technology capability for business benefit.

If you're interested in this role - please apply now!

Social Stream

Latest News


Cyber security basics lacking in healthcare s...

2016-10-28 10:00:00 +0100

New data has shown that the healthcare sector, specifically employees, continue to lack even the most basic of cyber security awareness. With networked technology becoming increasingly present in this market, it is vital for staff to have the proper knowledge and training so that they can keep patient details safe. In the latest research, SecurityScorecard identified that a breach in the healthcare sector could have extremely severe consequences. The st...


Virgin Atlantic adopts Salesforce to promote ...

2016-10-26 10:00:00 +0100

Salesforce, one of the global leaders in Customer Relationship Management (CRM) tools, is used by thousands of companies around the world. Now, Virgin Atlantic Airlines has said that not only do the solutions provide an effective modern tool for business, but they can also be used to promote community culture. Speaking about the benefits that his firm has seen, Virgin Atlantic Head of Global Sales Effectiveness Spencer Collins said that the solution pro...