Cyber Security Technical Lead

Recruiter
FRANKLIN FITCH RECRUITMENT LIMITED
Location
Gloucestershire
Posted
15 Apr 2018
Closes
14 May 2018
Contract Type
Permanent
Hours
Full Time
My client, a consultancy business that provides outsourced cyber-security services, is looking for a Technical Lead. The Technical Lead will determine the technical direction the Incident Response Team takes. You will also be responsible for monitoring indicators and suspicious activity that point to a potential security incident, making use of Intrusion Prevention Systems, vulnerability scanning tools and malware forensics. You will be proficient in incident response, with an understanding of real-world APT tools, tactics and procedures, and able to quickly determine the nature of a threat and deliver the appropriate response.

Training and development will be provided for successful applicants, who are expected to have the following attributes:

· A technical career background within cyber security of at least five years.
· Experience in Incident Response or Incident Analysis.
· Good awareness of the current threat landscape.
· Familiarity with host forensic artefacts: their acquisition, processing and interpretation. Ability to undertake forensic analysis of a host to support requirements such as proof of existence and proof of execution.
· Experience with network analysis and network intrusion detection. Understanding firewall rules. Writing and implementing Snort/Suricata rules. Windows and Linux tools for analysing packet captures, NetFlow and raw log files such as those generated by firewalls, web servers and proxies.
· Excellent understanding of TCP/IP networking and protocols (including HTTP, SSL/TLS, HTTPS, HTTP/2, DNS, SMTP, IPsec).
· Good understanding of modern malware: execution methods, persistence, detection, C2 methods, delivery mechanisms (JavaScript, PowerShell etc.) and entry points (phishing, drive-by etc.).
· Analysis of artefacts to deduce the behaviour of malware within an estate, including methods of entry, evidence of lateral movement, C2/exfiltration analysis and remediation activities.
· Familiarity with the challenges of processing large volumes of log traffic, including Windows event logs.
· Familiarity with malware dynamic analysis to determine the potential malicious intent of samples. Ideally some experience with static analysis and reverse engineering of samples and C2 protocols.
· Ability to innovate malware hunting methods.
· General technical analysis and data correlation skills. Familiarity with Elastic, Splunk or similar is beneficial.
· Understanding of vulnerabilities and vulnerability detection. Ability to launch and interpret network vulnerability scans, web scans and port scans.
· Good communication, reporting and analytical skills. Ability to produce and to review reports.
· Proven experience with scripting/programming languages. Ability to commit to small development projects (for example, in C or C++) as well as ad-hoc scripting (for example, in Python).
· Ability to work within, and perform system administration on, Windows and Linux operating systems.
· Mentoring and team-working skills. Ability to mentor as well as to learn from other team members. Ability to read through and review peer incident notes and reports.

If this sounds like you, please apply now.
