My client is seeking a Threat and Vulnerability Manager to be working for a public sector client. Please note, this role is remote until further notice - then the location will be Canary Wharf.
As a keen cyber security enthusiast, you will have a strong analytical capability with the capacity to translate findings into Threat Intelligence reports, and the ability to provide
Threat Intelligence to stakeholders. The TVM engineer provides technical insight into current and emerging threat activity as well as an escalation point during Security Incidents, establishing extent of threat, and business impacts of an incident.
Key Requirements and Skills
The TVM Engineer will also be responsible for the day to day operations of the Threat Team which includes but is not limited to:
- Threat Hunting
- Malware reverse engineering
- Utilising OSINT feeds to enhance detection capabilities
- New Starter On-boarding
- Analyse threat data from multiple sources; internal and external
- Monitoring for emerging threat patterns and vulnerabilities
- Vulnerability Scheduling
- Threat Report Generation
- SIEM Enhancements to increase detection capabilities
- Assist Engineering with rule generation (IDS/SIEM)
- Assist Engineering with Rule implementation
- Assists with recommendations and workaround
The succseful candidate will have:
Prior experience of network analysis tools, software vulnerabilities and exploits.
- Ability to read and understand system data including security event logs, system logs, application logs, and device logs, etc.
- Prior experience of network traffic analysis for identifying any developing patterns.
- Possess an understanding of enterprise grade technologies including operating systems, databases and web applications.
- Network infrastructure knowledge.
- Ability to assume leadership role on ad-hoc basis for managing Level 1/2 Analysts.
- Experience of working in high performing teams and understand the dynamics of teamwork in a SOC environment.
- Certified in one of the following certifications: Security+, SANS GCTI, GCFA
- Knowledge of Windows, Linux, and TCP/IP protocols
- Strong written and verbal skills
- Programming experience including python, perl, c++
SC Security clearance is desirable.