Lead Security Analyst
Role: Lead Security Analyst
Clearance: SC / DV
Our client provides an advanced SOC service utilising industry-leading threat intelligence and advanced SIEM and network IDS solutions. They deliver a managed security service designed from the ground up to detect all types of cyber threats facing a customer’s business, from potential insider issues to generic malware attacks to sophisticated state-sponsored cyber espionage.
Successful applicants will be working within the 24/7 Analysis Team; day-to-day responsibilities will include:
- Responding to and investigating alerts
- Liaising with customers to detail investigation outcomes and recommend remediation actions
- Managing threat intelligence and actor profiling
- Assisting in the generation of new signatures / rules
- Assisting in the definition of analysis procedures and protocols
- Training and supervision of analysts
Analysts without GIAC certification shall be provided recognised training as part of their employment package.
- Comprehensive knowledge of common SIEM solutions, the purpose of them and an understanding of how they work
- Comprehensive knowledge of APT actors; their tools, techniques, and procedures
- Comprehensive knowledge of various types of malware, as well as a strong knowledge of infection vectors and indicators of an infection
- Comprehensive knowledge of common network protocols such as TCP/IP, HTTP, DNS, etc.
- Comprehensive knowledge of IDS principles, the purpose of them and an understanding of how they work
- Exposure to computer networking design principles
- Good understanding of SQL
- Good understanding of a range of other protocols such as ARP, DHCP, SMTP, FTP, Telnet, IRC, LDAP, SSL
- Good knowledge of typical business network architecture (i.e. type of servers/devices)
- Good knowledge of current Information Security threats and past threats
- Good knowledge of TCPDump, WireShark, Snort, and/or other security tools
- Experience of providing training and working in a supervisory role to junior staff is beneficial but not essential
Candidates must hold valid UK Security Clearance or be able to attain the level of Clearance specified.
To apply, please send a CV and covering letter outlining your suitability, salary requirements and availability to roles@CNDLtd.com
In line with Asylum & Immigration Legislation, all applicants must be eligible to live and work in the EU. Documented evidence of eligibility will be required from candidates as part of the recruitment process. Furthermore, in view of the nature of the work, all potential employees will undergo stringent reference and identity checks.
CND Limited is acting as an Employment Agency in relation to this vacancy.
www.CNDLtd.com Main Office: 01225 811 806 Enquiries@CNDLtd.com