Cyber Threat Hunting Manager

  • Location: Reading, Berkshire
  • Sector: Cyber Security
  • Job type: Permanent
  • Salary: £60000 - £75000 per annum + Generous Benefits
  • Contact: Jonathan Dale
  • Job ref: JDCTHM_1552058728
  • Published: 4 months ago
  • Expiry date: 2019-04-07
  • Start date: ASAP

Cyber Threat Hunting Manager

A Global Multimedia client of mine is looking for an experienced Incident Response and Malware specialist to help build out and lead their Threat Hunting function, enhancing their proactive and intelligence-driven monitoring capability.

This is an excellent opportunity for an experienced CSIRT Lead with significant experience in malware analysis, reverse engineering and handling incidents from inception through to resolution, to take the already well-established Global SOC function to the next level and put your own stamp on a global organisation.

Key Responsibilities:

  • Lead the threat hunting and attack path mapping programs
  • Act as escalation point and technical lead during cyber security incident resolution, managing incidents through the full lifecycle
  • Complex report writing on security incidents and various threats, and reporting to senior management
  • Managing and mentoring a team of security specialists underneath you
  • Producing and collating research on latest threats and malware, coordinating with Security Tooling and GSOC Analysis team, assisting and advising on content creation to develop defensive methodologies
  • Translating technical concepts into business risks to Senior Stakeholders, with the ability to influence to make sure objectives are met

Key Skills & Requirements:

  • Identification of malware types, infection methods, provenance and objective of the malware, as well as the ability to extract IOCs and TTPs
  • Malware reverse engineering using debuggers and disassemblers such as OllyDbg and IDA Pro (static and dynamic), and sandboxing technologies such as Cuckoo
  • Strong knowledge of DFIR toolsets (SIFT, Volatility, etc.), various attack vectors, and memory and file system analysis
  • Complex incident report writing
  • Comprehensive knowledge of Cyber Security Methodologies (Cyber Kill-Chain, NIST, MITRE ATT&CK Framework in particular)
  • Strong knowledge of security architecture, security technology, technical security systems and security event management methodologies
  • Experience utilising various security technologies and defences such as Snort, Bro, IDS monitoring, custom rule creation (YARA), Wireshark, tcpdump, NetFlow analysis, TCP/IP networking principles and firewalls
  • Proven people management, mentoring and team development experience
  • SANS Certification(s) desirable - GCIA, GCIH, GCFE, GREM
  • Eligibility for SC Clearance is essential

To stay safe in your job search we recommend that you visit SAFERjobs, a non-profit, joint industry and law enforcement organisation working to combat job scams. Visit the SAFERjobs website for information on common scams and to get free, expert advice for a safer job search.