Intrusion Detection & Response Analyst
About the role:
An exciting opportunity has arisen within a dedicated and innovative Cyber Defence firm for an accomplished Intrusion Analyst. This opportunity is available for a talented individual to work in a dynamic and growing security environment.
Working with cutting-edge technology as part of the Response group, you will consult on the configuration of the monitoring intrusion detection systems and analyse network traffic and related log files.
- Monitoring and responding to alerts from various security monitoring toolsets (LogRhythm preferred).
- Participating in and leading Incident Response and Threat Hunting activities.
- Assisting the Security Engineering team in the fine tuning of security toolsets and generation of new signatures/rules.
- Acting as a mentor and escalation point to the more junior members of the team, helping them through the more complex incidents and investigations.
Key Skills & Requirements:
- Knowledge of and exposure to numerous variations of malware and IOCs.
- Experience with network protocols such as DNS, HTTP, and TCP/IP.
- Comprehensive knowledge of the principles of IDS and how they are used.
- A respectable knowledge of SQL.
- Experience in using security tools such as tcpdump, Wireshark, Snort or any other security tools.
- Knowledge of past and recent Information Security threats.
- Exposure to computing network design principles.