Lead Cyber Incident Response Analyst

  • Location: Bristol, England

  • Salary: £450 - £500 per day

  • Contact: Harry Garvin

  • Published: almost 2 years ago

  • Duration: 3 month rolling


SOC Analyst / Lead Cyber Incident Response Analyst

SC clearance required

3 month rolling contract

Location: BRISTOL

Rate: £450 - £500

A global aerospace and defence organisation is seeking a Lead Cyber Incident Response Analyst to manage the cyber incident response team as well as capability development.

The role would ideally suit a seasoned incident responder with experience of leading enterprise-scale investigations, threat hunting or malware analysis activities.

Previous experience in a consulting or SOC environment is essential, with up-to-date knowledge of the digital forensics, incident response, and cyber security markets to enable you to grow the capability and win work.

Responsibilities - Lead Cyber Incident Response Analyst

  • Managing a small team of technical specialists and supporting their professional development through coaching, training, and performance reviews

  • Acting as the subject matter specialist in cyber incident response and related disciplines to the wider business

  • Advising clients on how to best respond to any given incident, from boardroom to boots-on-the-ground, with excellent technical leadership to promote confidence based on your skills and experience

  • Advising clients on how to best implement mitigation measures which might prevent or limit future incidents, working with customer and internal teams to create effective response strategies

  • Authoring and reviewing customer Cyber Incident Response Plans

  • Providing specialist cyber knowledge, insight, and training to clients and to internal teams on an ad-hoc basis and through the delivery of formal training courses

  • Leading threat hunting programmes across available security devices and through operating system native or custom tooling

  • Developing threat intelligence capabilities and strategies in conjunction with other operational teams and customers

Skills and Knowledge - Lead Cyber Incident Response Analyst

  • Excellent knowledge of the inner workings of Windows operating systems and of how malware works, with some experience in tearing it apart

  • Good knowledge of the fundamentals of Unix systems, including macOS and Linux distributions

  • Excellent knowledge of host-based investigations including digital forensic principles and practices

  • Excellent report writing and reviewing skills

  • Good knowledge of Cyber Threat Intelligence capabilities and strategy implementation

  • Excellent knowledge of common networking and routing protocols (e.g. TCP/IP), services (e.g. TLS, DNS, SMTP) and how they interact to provide network communications

  • Good experience in packet-level analysis, firewall and hypervisor administration, network appliance log analysis, and management of network intrusion detection and prevention systems

  • Excellent knowledge of Cyber Security Incident Response processes and procedures with real-world application

  • Some practical programming knowledge or experience in writing scripts in languages such as Python, PowerShell and Bash

  • Some experience of creating and delivering technical and managerial training courses to internal teams and customers