Cyber Incident Response Analyst
Salary/Rate: Up to £750 a day - 12 month contract
Montash has been retained by a multinational financial services company based in Hampshire to find an experienced Cyber Incident Response Analyst to sit within the Cyber Security Incident & Response Team. The team is currently responsible for the delivery of security monitoring for my client's IT infrastructure/services and acts as a first responder to cyber security incidents.
The role will cover a rotating 24 x 7 pattern.
This will involve identifying security events, incident response [1st and 2nd line], performing root cause analysis and then resolution or escalating to the Digital Forensics & Investigation Response Team or the appropriate resolver group. It will also assist in the customisation of my client's reporting tools to ensure the company's systems are monitored and alerts.
- To provide mentoring and support for shift security analysts.
- Incident handling of security events affecting the network.
- Vulnerability assessment, reporting and escalation.
- Conduit for DFIR escalations and resolutions.
- Highlighting and managing evolving security threats and Indicators of Compromise.
- Developing new methods to detect security events.
- Triage events to correctly identify breaches of security policy.
- Analyse security operations performance to drive continuous improvement.
- Interface between all stakeholders to explain issues, priorities and steps required to reach resolution.
- Working in liaison with DFIR for delivery of e2e projects that require security monitoring.
- Drafting/approving technical documentation to support the delivery of CSIRT services.
This role requires a broad understanding and demonstrated practical experience which includes the following:
- Strong SIEM skills ideally with RSA Security Analytics, including content creation and analysis.
- Strong Intrusion Detection skills ideally with McAfee IDS/IPS and Netwitness.
- Knowledge and understanding of security monitoring, prevention and control systems including Anti-Virus, Web Proxies and Security Software.
- Ideally educated to Degree standard or qualified in an IT security related subject (e.g. CISSP, GCIA, GCIH) or equivalent experience.
- Excellent written (Excel, Word, Visio, MS Project) and oral communication skills.
- Must have understanding of network architecture; general database concepts; document management; hardware and software troubleshooting; electronic mail systems, such as Exchange.
- Strong and demonstrable experience across a wide variety of technology disciplines and deep understanding of Cisco devices, Microsoft Windows, Solaris, AIX and Linux.
- Good understanding of middleware and application server products.
- Ability to investigate and learn new technologies quickly.
- Excellent numerical, logical and analytical skills.
- Preferably, prior experience in large/blue-chip organisations and, ideally, financial services experience (particularly in payments).
- Familiar with industry-standard methods and security practices (CIA, AAA, etc.).
- Good understanding of protocols/technologies including SSH, SSL, PKI, VPN, HTTP, RDP etc.
- Worked with industry standard processes relating to service, change management and governance, such as ITIL incident and change management, Prince, Patch Management, Data Centre processes, PCI DSS, SAS70 and COBIT / COSO based controls.
- Broad and demonstrable experience of working with a diverse set of stakeholders, applying technology capability for business benefit.
If you're interested in this role - please apply now!