Network and Security Analyst - Intrusion
Network and Security Analyst - Intrusion - Permanent - London - Good Salary and Benefits DOE
We are looking for a Network and Security Analyst to complement the current team who will focus on security-related tasks within COO. The incumbent shall work as part of the security operations team to ensure that security requirements are being implemented and operated.
- A member of the Security Operations team focused on Network, Platform, and Application security issues.
- Provide Support for the Security Information and Event Management (SIEM) System. Monitor alarm console and assist 1st/2nd level analysts with event triage and escalations.
- Provide telephone, e-mail and ticket service to Incident Response process stakeholders.
- Maintain a Compliance/Vulnerability Assessment (VA) Scanning Capability.
- Follow a documented process for routine scanning of infrastructure and network elements.
- Conduct routine scanning of infrastructure and network elements.
- Maintain an Information Assurance Vulnerability Management (IAVM) and System Patching Process.
- Assist in maintaining an up-to-date Software Inventory configuration database. Interface with platform and network element administrators to maintain status of software versions and patching.
- Interface with platform and network element administrators to determine hardware/software inventories for infrastructure.
- Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure.
- Analyze reports to understand threat campaign techniques and lateral movements, and extract indicators of compromise (IOCs).
- Deliver 2nd/3rd level investigation and remediation activities as a member of the Security Incident Response Team. Lead Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT.
- Conduct shift change reports on open cases and maintain case data in the Incident Response Management platform.
- The post will require on-call work to include daytime, night time, and weekend work.
Essential Knowledge and Skills:
- Cyber security professional with solid experience of direct information security operations.
- University degree level education or equivalent in Computer Science / Data Communication.
- A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous.
- Intermediate knowledge of Information Security fundamentals, technologies, and design principles.
- Proven experience in securing Windows, Linux, Oracle and VM platforms.
- Proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents.
- Proven experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations.
- Willingness to learn new skills and be self-motivated.
- Ability to work in a team environment, to work under pressure and show flexibility.
- Excellent verbal and written communication skills in English.
(c) Copyright Datasource Computer Employment Limited 2017.
This job was originally posted as www.jobsite.co.uk/job/959478611