Cyber Incident Response Analyst
Job ref: 1171113/001_1597052095
Location: Bristol, England
Salary: £1 - £2 per annum + Company Benefits
Contact: Tom McParland
Published: about 2 years ago
Start date: ASAP
Cyber Incident Response Team Lead
Based in Bristol
Competitive Package
Key Responsibility Areas
* Leading the professional delivery of all Cyber Incident Response and Digital Investigation services
* Acting as the subject matter specialist in cyber incident response and related disciplines to the wider business
* Providing specialist cyber knowledge, insight, and training to clients and to internal teams on an ad-hoc basis and through the delivery of formal training courses
* Developing threat intelligence capabilities and strategies in conjunction with other operational teams and customers
* Advising clients on how to best respond to any given incident, from boardroom to boots-on-the-ground, with excellent technical leadership to promote confidence based on your skills and experience
* Advising clients on how to best implement mitigation measures which might prevent or limit future incidents, working with customer and internal teams to create effective response strategies
* Authoring and reviewing customer Cyber Incident Response Plans
* Leading threat hunting programmes across available security devices and through operating system native or custom tooling
* Managing a small team of technical specialists and supporting their professional development through coaching, training, and performance reviews
Skills, Qualifications & Knowledge Required
* Excellent knowledge of the inner workings of Windows Operating Systems
* Excellent knowledge of how malware works and some experience in tearing it apart
* Good knowledge of the fundamentals of Unix systems including macOS and Linux distributions
* Excellent knowledge of host-based investigations including digital forensic principles and practices
* Good knowledge of Cyber Threat Intelligence capabilities and strategy implementation
* Excellent knowledge of common networking and routing protocols (e.g. TCP/IP), services (e.g. TLS, DNS, SMTP) and how they interact to provide network communications
* Good experience in packet-level analysis, firewall and hypervisor administration, network appliance log analysis, and management of network intrusion detection and prevention systems
* Excellent knowledge of Cyber Security Incident Response processes and procedures with real-world application
* Experience in winning commercial bids and leading the delivery of technical consulting services
* Some practical programming knowledge or experience in writing scripts in languages such as Python, PowerShell and Bash
* Report writing and reviewing skills
* Some experience of creating and delivering technical and managerial training courses to internal teams and customers
