SOC Analyst / Lead Cyber Incident Response Analyst
SC Cleared required
3 month rolling contract
Rate: £450 – £500
A global aerospace and defence organisation is seeking a Lead Cyber Incident Response Analyst to manage the cyber incident response team as well as capability development.
The role would ideally suit a seasoned incident responder with experience of leading enterprise-scale investigations, threat hunting or malware analysis activities.
Previous experience in a consulting or SOC environment is essential, with up-to-date knowledge of the digital forensics, incident response, and cyber security markets to enable you to grow the capability and win work.
Responsibilities – Lead Cyber Incident Response Analyst
Managing a small team of technical specialists and supporting their professional development through coaching, training, and performance reviews
Acting as the subject matter specialist in cyber incident response and related disciplines to the wider business
Advising clients on how to best respond to any given incident, from boardroom to boots-on-the-ground, with excellent technical leadership to promote confidence based on your skills and experience
Advising clients on how to best implement mitigation measures which might prevent or limit future incidents, working with customer and internal teams to create effective response strategies
Authoring and reviewing customer Cyber Incident Response Plans
Providing specialist cyber knowledge, insight, and training to clients and to internal teams on an ad-hoc basis and through the delivery of formal training courses
Leading threat hunting programmes across available security devices and through operating system native or custom tooling
Developing threat intelligence capabilities and strategies in conjunction with other operational teams and customers
Skills and Knowledge – Lead Cyber Incident Response Analyst
Excellent knowledge of the inner workings of Windows Operating Systems and how malware works and some experience in tearing it apart
Good knowledge of the fundamentals of Unix systems, including macOS and Linux distributions
Excellent knowledge of host-based investigations including digital forensic principles and practices
Excellent report writing and reviewing skills
Good knowledge of Cyber Threat Intelligence capabilities and strategy implementation
Excellent knowledge of common networking and routing protocols (e.g. TCP/IP), services (e.g. TLS, DNS, SMTP) and how they interact to provide network communications
Good experience in packet-level analysis, firewall and hypervisor administration, network appliance log analysis, and management of network intrusion detection and prevention systems
Excellent knowledge of Cyber Security Incident Response processes and procedures with real-world application
Some practical programming knowledge or experience in writing scripts in languages such as Python, PowerShell and Bash
Some experience of creating and delivering technical and managerial training courses to internal teams and customers
To apply for this job please visit itjobpro.co.uk.