Cyber Incident Response Lead Investigator

BAE Systems Applied Intelligence
12 Nov 2017
11 Dec 2017
Contract Type
Full Time
The Applied Intelligence division of BAE Systems delivers solutionswhich protect and enhance the connected world. Everything we do createsa safer future. We want to solve problems for our customers and by bringing togethergreat minds, we can work together to make the world a safer place. Role profile BAE Systems Applied Intelligence offers world class threat intelligence,incident response and penetration testing services. The IncidentResponse team are certified by the NCSC and the CPNI as aquality-assured cyber incident response provider for investigating awide range of cyber attacks including espionage, targeted attacks, andfinancial fraud. This role requires you to work alongside a team of technical experts,across several areas, acting as technical lead and providing SME supporton a range of complex problems and client engagements. This will includecross team working with other teams within our business, and clientteams and stakeholders, including senior execs. We are looking for a strong investigator who can lead and investigatecomplex incidents, therefore e xperience of running and managingmultiple incidents is essential. You will manage a number of Analystsperforming a range of tasks from digital forensics to analysis ofnetwork data logs, likely perform a range of technical work alongsidethem as well as manage the bigger picture of the incident and lead theinvestigation. You will also engage with the client. As part of ourhighly skilled technical services team, and as a technical lead, youwill also support other work, ranging from supporting security reviewsof bespoke control systems to research into attack methods. What you will be doing Deliver high quality work to meet client expectations and project deadlines Perform technical analysis tasks such as forensics, analysis of network logs, malware etc. Manage team members and leading incident investigations Attend client site for engagements where required (often managing the incident on their side) Research and analysis of techniques and threat intelligence Support bids and proposals for the technical services area, and support general business development Understand where off the shelf tools are appropriate and identify opportunities for novel solutions Have a keen interest in security and thrive on complex challenges What we are looking for Essential: Direct experience in one or more of the following domains (and their associated tools) preferably with a recognised qualification (such as GIAC, MCP, CREST CCIM, HIA or NIA) Host forensics / intrusion analysis Network intrusion analysis Reverse Engineering Malware analysis Operating System internals and security (Essential to have Windows experience, other operating systems are desirable). Experience leading investigations and managing incident analysts Knowledge of malware behaviour and techniques employed by attackers to evade existing security controls Self motivated and motivates others keeping morale and performance high Desirable: Experience in penetration testing, threat intelligence and detection of incidents / network monitoring Knowledge of security applications or processes in one or more of the following platforms Desktop operating systems (both Linux and Windows based) SCADA and Industrial Control Embedded systems Consultancy experience Existing Developed Vetting clearance Excellent relationship building skills with stakeholders, vendors and suppliers. Understanding of existing and emerging technologies People management skills. Experience of CESG/NCSC Cyber Incident Response scheme teams (As a member, or leader) #AI-DICE Security Clearance is required for this vacancy. If you are notcurrently Security Cleared, you will need to be eligible for this andwilling to go through the process. For more guidance on NationalSecurity Vetting please click here. About BAE Systems Applied Intelligence We help nations, governments and businesses around the world defendthemselves against cyber crime, reduce their risk in the connectedworld, comply with regulation, and transform their operations. We dothis using our unique set of solutions, systems, experience andprocesses. Our success is down to our people. The changing nature of our businessmeans that we're constantly looking for the brightest talent to help usfulfil our ambitions. As an experienced professional, we'll entrust youwith responsibility; this means that you'll have client contact, varietyand support from day one. We'll encourage and support you to develop your skills and reward youas you grow. Whatever your area of expertise, you'll be much more thanjust a job title; you'll be an integral part of the business where yourindividual contribution makes a difference every day. Great mindsdeserve great rewards, so we also offer a very competitive salary andbenefits package. Diversity and inclusion are integral to the success of BAE SystemsApplied Intelligence. Staying competitive in today's global marketplacerequires an organisational culture where employees with varyingperspectives, skills, life experiences and backgrounds - the best andbrightest minds - can work together to achieve excellence and realiseindividual and organisational potential. We also welcome discussionsabout flexible working. Division Overview: Commercial Solutions BAE Systems has been in the business of protecting some of the world'smost important assets and networks for over 100 years. We apply the sametechniques, intelligence and strategy used in defending nations andgovernments to businesses as well. That's us - Commercial Solutions - adivision of BAE Systems that specializes in providing businesses aroundthe globe with the products and services they need to stay protected intoday's connected world. We offer a broad portfolio of on premise, managed and cloud-basedproducts and services that are proven to protect our clientsagainstfinancial crime and persistent cyber attackers. We aim to be a global industry-leading, cyber and financial crimeproducts business and will do this by leveraging the BAE Systems brandand by delivering higher grade security solutions for our clients. Help us secure a connected world by being an unseen hero. Apply now andbe inspired. - provided by Dice BUSINESS DEVELOPMENT, CLOUD, CREST, GIAC, LINUX, MCP, PENETRATION TESTING, WINDOWS