About the role:
A new and exciting opportunity has arisen for a successful individual to join a Specialist Cyber Security Software firm as their UK CSIRT Lead. Working with an array of in-house, open-source and specialist security monitoring, detection and threat hunting toolsets, you will be working as part of the Global Response group, consulting on the configuration of the monitoring intrusion detection systems, analysing network traffic and related log files. As the UK CSIRT Lead, you will lead on responding to and investigating alerts, threats and other specific data brought up by your client's needs, with a view to evaluate and tackle the requirements.
- Assisting Junior/Mid-Level Analysts, to monitor and respond to alerts from various security monitoring tool sets.
- Participating in and leading Incident Response and Threat Hunting activities.
- Working closely with the Senior Analyst, performing complex investigations within Packet Capture Analysis and acting as an escalation point.
- Reporting directly to the Head of Detection and Response
- Assisting the Security Engineering team in the fine tuning of security tool sets and generation of new signatures/rules.
Key Skills & Requirements:
- Knowledge and exposure to numerous variations of malware and IOC's.
- Have experience within the network protocols such as DNS, HTTP, and TCP/IP.
- Comprehensive knowledge in the principles of IDS and how they are used.
- A respectable knowledge of SQL.
- Experience in using security tools such as TCPDump, WireShark, Snort and other open-source investigative platforms.
- Knowledge of past and recent Information Security threats.
- Exposure to computing network design principals.