Lead Cyber Incident Response Analyst

Full Time, Bristol (County)

SOC Analyst / Lead Cyber Incident Response Analyst

SC Cleared required

3 month rolling contract

Location: BRISTOL

Rate: £450 – £500

A global aerospace and defence organisation is seeking a Lead Cyber Incident Response Analyst to manage the cyber incident response team and to lead capability development.

The role would ideally suit a seasoned incident responder with experience of leading enterprise-scale investigations, threat hunting, or malware analysis activities.

Previous experience in a consulting or SOC environment is essential, with up-to-date knowledge of the digital forensics, incident response, and cyber security markets to enable you to grow the capability and win work.

Responsibilities – Lead Cyber Incident Response Analyst

Managing a small team of technical specialists and supporting their professional development through coaching, training, and performance reviews

Acting as the subject matter specialist in cyber incident response and related disciplines to the wider business

Advising clients on how to best respond to any given incident, from boardroom to boots-on-the-ground, with excellent technical leadership to promote confidence based on your skills and experience

Advising clients on how to best implement mitigation measures which might prevent or limit future incidents, working with customer and internal teams to create effective response strategies

Authoring and reviewing customer Cyber Incident Response Plans

Providing specialist cyber knowledge, insight, and training to clients and to internal teams on an ad-hoc basis and through the delivery of formal training courses

Leading threat hunting programmes across available security devices and through operating system native or custom tooling

Developing threat intelligence capabilities and strategies in conjunction with other operational teams and customers

Skills and Knowledge – Lead Cyber Incident Response Analyst

Excellent knowledge of Windows operating system internals and of how malware works, with some hands-on experience of reverse engineering it

Good knowledge of the fundamentals of Unix-like systems, including macOS and Linux distributions

Excellent knowledge of host-based investigations including digital forensic principles and practices

Excellent report writing and reviewing skills

Good knowledge of Cyber Threat Intelligence capabilities and strategy implementation

Excellent knowledge of common networking and routing protocols (e.g. TCP/IP), services (e.g. TLS, DNS, SMTP) and how they interact to provide network communications

Good experience in packet-level analysis, firewall and hypervisor administration, network appliance log analysis, and management of network intrusion detection and prevention systems

Excellent knowledge of Cyber Security Incident Response processes and procedures with real-world application

Some practical programming knowledge or experience in writing scripts in languages such as Python, PowerShell and Bash

Some experience of creating and delivering technical and managerial training courses to internal teams and customers

To apply for this job please visit itjobpro.co.uk.