Senior Incident Response Analyst

Recruiter: Computer Network Defence Ltd
Location: Cheltenham
Salary: £30,000 - £39,999, £50,000 - £59,999
Posted: 05 Dec 2017
Closes: 08 Jan 2018
Contract Type: Permanent
Hours: Full Time

Role: Senior Incident Response Analyst

Type: Permanent

Location: South West

Salary: £Competitive

Clearance: Must be eligible for UK SC Clearance

CND are currently partnering with a global organisation looking to add a Senior Incident Response Analyst to their talented function in the South West. This organisation is proud of its high-calibre talent, its state-of-the-art resources and its retention of staff.

The Senior Incident Response Analyst will be part of an energetic, expanding function that is proactively preparing for, hunting for, and reacting to cyber incidents from both internal and external threat actors. You will have a strong comprehension of malware, emerging threats and risk calculation, and the ability to work with a degree of autonomy, albeit within a team. There is some flexibility on hours, and some home working is a potential option.

Essential Requirements:

  • Understanding of developing dashboards and alerts in Splunk and able to write correlation rules for Splunk ES. Splunk system administration and management are key elements to this role.
  • Responsible for configuring and administering security tools, analysing and responding to various forms of security alerts
  • Lead technical aspects of digital security incident detection and response, focusing on very unstructured incidents and high-risk events.
  • Perform daily response operations with a schedule that may involve non-traditional working hours; act as an escalation point for Information Security Incident Analysts
  • Write signatures, tune systems/tools, and develop scripts and correlation rules
  • Connect with support teams and client/business partners during incident resolution and root cause analysis/corrective action restoration processes
  • Implement identified infrastructure changes/operational processes related to S&C
  • Splunk, SANS 503 / 504 certification would be ideal
  • Detailed understanding of APT, Cyber Crime and other associated tactics desirable

In line with Asylum & Immigration Legislation, all applicants must be eligible to live and work in the EU. Documented evidence of eligibility will be required from candidates as part of the recruitment process. Furthermore, in view of the nature of the work, all potential employees will undergo stringent reference and identity checks.

CND Limited is acting as an Employment Agency in relation to this vacancy.