Cyber Incident & Threat Hunt Specialist

Job description

Become the lead Cyber Threat Specialist for this global FMCG company. Discover new or current cyber attacks and work with the team to contain and remediate the impacts.

Key Responsibilities:

  • Cyber Threat Hunting - proactively discovering attacks via security monitoring techniques & cyber systems/tools
  • Complex Active Monitoring & Triage - observation, triage, correlation
  • Investigation & closure of complex real-time security events, including false positive identification
  • Serve as an escalation point for security related tickets/incidents
  • Detect cyber security incidents through centralized monitoring
  • Analyse security events from sources e.g. SIEM, syslog, IDS/IPS, firewalls
  • Recommend security refinement and improvement
  • Investigate security breaches and other security incidents
  • Gather information on the behaviour, goals, and methods of the adversaries
  • Respond to incidents by applying containment and eradication strategies
  • Triage & deep-dive assessment of threats / Root cause investigation
  • Document all actions taken as part of the post incident reporting
Skills:

  • Strong understanding & hands-on experience in Cyber Hunt & Threat Detection
  • Confidence, flexibility, reliability & enthusiasm for cyber security operations
  • Ability to analyse attack artefacts in support of incident investigations
  • Ability to support cyber security incidents through to full recovery and BAU
  • Ability to analyse high volumes of logs, network data (e.g. Netflow, FPC), and other attack artefacts in support of incident investigations
  • Capable of developing and deploying signatures (i.e. NIPS, HIPS, etc.)
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defence-in-depth and common security elements
  • Excellent verbal and written communication skills
  • Ability to work autonomously and as part of a team
  • Outstanding attention to detail and problem-solving abilities
  • High level of administrative skills including multi-tasking & organizational skills
  • Ability to handle confidential material with discretion and professionalism
Knowledge & Experience

  • A minimum of 5 years' experience in Cyber Security or a related role
  • Bachelor's in Computer Science or a related field
  • Certifications in CISSP, CCNA, CASP, CISM, GSEC, GCIH a bonus
  • Background in Security Operations, Cyber Risk Management, governance