Connecting to LinkedIn...

Connecting to LinkedIn...

W1siziisijiwmtqvmdkvmzavmtavndevmzevmzkxl3n0b2nrx3bob3rvx2pvynnfynv0dg9ux29ux2tlewjvyxjkxzgwmdu4mtgxlmpwzyjdlfsiccisinrodw1iiiwimtkymhgxmjuwiyjdxq

Incident Response Analyst

Job Title: Incident Response Analyst
Contract Type: Contract
Location: Hampshire, Hampshire
Industry:
Salary: £650 - £750 per day
Start Date: ASAP
Duration: 12 months
REF: INCID
Contact Name: Bonnie Chuong
Contact Email: bonniec@montash.com
Job Published: about 1 year ago

Job Description

Cyber Incident Response Analyst
Location: Hampshire
Salary/Rate: Up to £750 a day - 12 month contract

Montash has been retained by a multinational financial services based in Hampshire for an experienced Cyber Incident Response Analyst to sit within the Cyber Security Incident & Response Team. The team is currently responsible for the delivery of security monitoring for my client's I.T. infrastructure/ services and acts as a first responder to Cyber Security incidents.

The role will cover a rotating 24 x 7 pattern.

This will involve identifying security events, incident response [1st and 2nd line], performing root cause analysis and then resolution or escalating to the Digital Forensics & Investigation Response Team or the appropriate resolver group. It will also assist in the customisation of my client's reporting tools to ensure the company's systems are monitored and alerts.

Key Responsibilities

  • To provide mentoring and support for shift security analysts.
  • Incident handling of security events affecting the network.
  • Vulnerability assessment, reporting and escalation.
  • Conduit for DFIR escalations and resolutions.
  • Highlighting and managing evolving security threats and Indicators of Compromise.
  • Developing new methods to detect security events.
  • Triage events to correctly identify breaches of security policy.
  • Analyse security operations performance to drive continuous improvement.
  • Interface between all stakeholders to explain issues, priorities and steps required to reach resolution.
  • Working in liaison with DFIR for delivery of e2e projects that require security monitoring.
  • Drafting/approving technical documentation to support the delivery of CSIRT services.

Desired Experience

  • This role requires a broad understanding and demonstrated practical experience which includes the following:
  • Strong SIEM skills ideally with RSA Security Analytics, including content creation and analysis.
  • Strong Intrusion Detection skills ideally with McAfee IDS/IPS and Netwitness.
  • Knowledge and understanding of security monitoring, prevention and control systems including Anti-Virus, Web Proxies and Security Software.
  • Ideally educated to Degree standard or qualified in an IT security related subject (e.g. CISSP, GCIA, GCIH) or equivalent experience.
  • Excellent written (Excel, Word, Visio, MS Project) and oral communication skills.
  • Must have understanding of network architecture; general database concepts; document management; hardware and software troubleshooting; electronic mail systems, such as Exchange.
  • Strong and demonstrable experience across a wide variety of technology disciplines and deep understanding of Cisco devices, Microsoft Windows, Solaris, AIX and Linux.
  • Good understanding of middleware and application server products.
  • Ability to investigate and learn new technologies quickly.
  • Excellent numerical, logical and analytical skills.
  • Preferable prior experience in large / blue chip organisations and ideally, financial services experience (particularly in payments).
  • Familiar with industry standard methods, and security practices CIA, AAA etc
  • Good understanding of protocols/technologies including SSH, SSL, PKI, VPN, HTTP, RDP etc.
  • Worked with industry standard processes relating to service, change management and governance, such as ITIL incident and change management, Prince, Patch Management, Data Centre processes, PCI DSS, SAS70 and COBIT / COSO based controls.
  • Broad and demonstrable experience of working with a diverse set of stakeholders, applying technology capability for business benefit.

If you're interested in this role - please apply now!

Social Stream

Latest News

W1siziisijiwmtcvmdkvmjkvmdgvmtmvmjkvmjgyl1vudgl0bgvkigrlc2lnbiaomjuplmpwzyjdlfsiccisinrodw1iiiwimzgwedewmcmixv0

Are PSLs a Blocker or an Enabler?

2017-10-02 11:00:00 +0100

The use of a Preferred Supplier List (PSL) was intended to support and strengthen relationships and performance between organisations and their third party suppliers. As the technical landscape continues to evolve at rapid rate recruitment and demand for new skills becomes more intense. Are PSLs still the solution or an obstacle to sourcing the right talent? The traditional PSL A dedicated list of partners intended to guarantee quality and availability ...

W1siziisijiwmtcvmdkvmjevmdgvndmvmduvmtmxl1vudgl0bgvkigrlc2lnbiaomjmplmpwzyjdlfsiccisinrodw1iiiwimzgwedewmcmixv0

Why do we punish the victims of hacking?

2017-09-21 09:00:00 +0100

Hacks occur every 39 seconds, with 95% of them targeting governments, retailers and the tech industry. If the hackers are caught, they'll face prison time under the Computer Misuse Act. More often than not, the businesses who are victims of those attacks expose themselves to punishment of their own. The laws that determine the duty of protection owed to businesses and their customers is both vague and broad, making them question just how much protection...