
Incident Response Team Leader

jk0713_1531548812
Negotiable

Managing this Role

Josh Keeley

Manager - Cyber Specialist 0207 759 7878

With six years’ experience as an IT engineer within the Royal Marines, Josh has a strong network of ex-services CTI analysts and CCTIM qualified managers. Bringing sound technical knowledge and in-depth market expertise, Josh works with consultancies, defence, MSSPs and TIPs; from rapidly-growing start-ups to established global enterprises.

Roles recruited: CTI analysts, CCTIM managers

Seniority: Junior-Senior

Job Type: Permanent

Geographical coverage: London

Market: Cyber threat intelligence, TIP’s and Professional Services

Incident Response Team Lead - London - £Competitive

We have partnered with a global Cyber Security Consultancy who are currently looking for an Incident Response Team Leader to complement an already world class Incident Response team. This team responds to and contains security incidents for their clients, with a particular focus on advanced targeted attacks.

Responsibilities

As a Team Lead you will focus on strategic initiatives and operational management to deliver sustainable capability improvement over time. Your key focus areas are innovation and optimisation of our services; development of junior team members; and coordination and integration with global teams.

While the role is predominantly managerial, for effectiveness it requires a strong technical background in Incident Response, and the Team Lead will be expected to be able to demonstrate experience dealing with many different types of compromises in different environments, including advanced nation state attacks.

Requirements

A deep understanding of the motivations and methods adopted by a range of threat actors with an understanding of how exploitation of systems occurs is essential. You will have experience in examining data from various sources including network traffic, volatile memory, host data, log files and other sources of information.

  • Significant industry experience as part of a CSIRT, Security Operations or Investigations team in a data regulated and mission-critical environment.
  • Experience responding to and containing live security incidents such as crimeware, data breaches and advanced targeted attacks following a standard incident handling lifecycle.
  • Solid understanding of technical and security domains fundamental to investigations and incident response, including:
    • Client-server infrastructures, security architectures and related logging and alerting
    • TCP/IP networking with the ability to perform deep-dive network forensic analysis
    • File-system analysis including FAT, NTFS, HFS and/or EXT2/3/4 and ability to find and extract common disk-based indicators of compromise
    • Windows, Linux and/or OS X internals with emphasis on memory structures and ability to find common memory-based indicators of compromise
    • Malware analysis activities using behavioural techniques. Ability to perform dynamic and static analysis is an advantage
  • Ability to report key findings in a clear and concise manner both at technical and senior management level.
  • Vendor independent qualifications in Incident Response and Forensics such as SANS and CREST.

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.


This job has now been filled but you may be interested in:

Threat Hunter

My client provides an elite threat detection capability to a large array of clients using the latest tooling to help detect and respond to the latest threats. Using these tools provides my client with the capability to detect both internal and external threats.

This is your chance to provide an elite threat detection service to a broad spectrum of clients, whilst due to the rapid growth of my client you will be exposing yourself to a level of career progression that is hard to match.

The Role

As a Cyber Security Analyst you will have the ability to monitor the networks for threats and report your findings to all audiences.

You will be expected to monitor the client's assets and environments using our high end security tools, identifying, analysing and alerting clients to existing and emerging threat actors. The following will be the main focus of the role:

  • Perform detailed network analysis to identify potential threat actors.
  • Create clear, concise and analytical reports on threats.
  • Keep on top of current threats and inform Clients of the risk.

Key Skills

You will need to be a quick thinker who can quickly analyze threats and the impact they will have. You will have the ability to think of ways to prevent the future attacks and to be one step ahead of the threat at all times.

  • Knowledge of current Cyber Threats.
  • Understanding of typical malware functionality and capabilities.
  • Understanding of tools used with Blue Teams.
  • Packet Capture experience.
  • Familiarity with typical security technologies such as firewalls and SIEM tools.
  • An understanding of large scale networking technologies.
  • Windows and Linux exposure.
  • Scripting exposure - Python and Bash.

If you can demonstrate that you have knowledge of current Cyber Threats, and the ability to discuss Cyber Security concepts revolving around Network IDS and malware, then apply now to be a part of this professional team!

Cyber Security Analyst

The role

Our client, a leading provider of professional services, is looking for an experienced Cyber/Information Security professional who will complement the existing team and be responsible for the delivery of key security initiatives and activities.

Key Responsibilities

  • You will act as the primary contact for all security related incidents
  • Engage with business stakeholders to maintain information security across the business
  • Prepare accurate reports for all levels in a language and tone appropriate for the audience
  • Maintain awareness of developments in the information security industry
  • Assist the organisation in securely delivering existing and new solutions to the market
  • Assist CTI in obtaining and maintaining certifications (ISO 27001)
  • Assist the organisation in adhering to regulatory requirements (GDPR)
  • Assist the organisation in due diligence responses
  • Conduct due diligence on potential partners and new solutions
  • Identify security control gaps and implement solutions
  • Work with 3rd party SOC
  • Point of contact for suspected incidents
  • Provide business context and ensure they are kept up to date with environment changes
  • Continuous focus on tuning and automation of alerts
  • Act as security representative at the Change Advisory Board
  • Act as a consultant to our Infrastructure team during projects and proposed changes

Required skills

  • Security Architecture design and implementation
  • Experience developing MSSP SOC
  • Incident Detection/Response experience
  • Experience working with a SIEM solution
  • Exposure to SIEM & Vulnerability management solutions
  • Strong Active Directory experience
  • Securing Windows environments (desktop/server)
  • 3 years' experience in an Information Security role
  • Strong knowledge of network security within a corporate environment
  • Experience working in an ITIL environment

Tier 2 SOC Analyst

Do you want to respond to real events that require an SC clearance in a state of the art SOC? We are looking for a TIER 2 Analyst to join my client in Reading to help detect, analyse and respond to the latest security threats.

You will be working for one of the leading communication companies in the world, one of the first to be established. They will provide training on their own bespoke tooling and you will not have to work the standard security shift pattern. You will help the team in escalation and classification of live events as well as remediation by applying current security methodologies and processes, whilst also training the more junior members of the team.

Skill set:

  • Knowledge of TCP/IP Protocols, network analysis, and network/security applications
  • Knowledge of common Internet protocols and applications
  • Knowledge and hands on experience of IP networks and their key components
  • Ability to apply non-standard processes to incidents and investigations
  • Motivated and ambitious to work on your own initiative without needing direction with a genuine enthusiasm and drive to work within Cyber Security
  • Strong attention to detail
  • Ability to multi-task, prioritise, and manage time effectively
  • Excellent interpersonal skills and professional demeanour
  • Excellent verbal and written communication skills

Additional Skills:

  • Recognised qualifications such as CompTIA Network+, Security+, CySA+ and/or CEH or equivalent
  • Knowledge of Security management, network and information security, people security and running of one or more services within a Security Operations Centre.
  • Proficient in Microsoft Office Applications
  • Recent experience of working within an IT/IP network based environment
  • Experience working in a customer facing environment
  • Leadership experience

This is an incredible opportunity for someone who wants to be a part of a global company that will take you to the next step of your career. Get in touch now for more information.

Cyber Threat Analyst

Blackthorn Trace have partnered with a global leading financial services firm who are building a Cyber Threat team across the UK, US and Canada. The financial services industry is constantly under attack by sophisticated cyber adversaries that range from nation states to criminals. In response, my client is adding a Cyber Threat Center associate, charged with ensuring all equities are secure against all tiers of adversaries.

You will work within the central hub for Computer Operations and be on the front lines of security incident response, threat hunting, and intelligence. Hours - 6am – 2.30pm, 2 days per week from home.

Responsibilities

  • Act as a senior member of the Cyber Threat Center who handles security events and incidents on a daily basis in a fast-paced environment.
  • Acts as an Incident Handler who can handle minor and major security incidents within the defined Computer Security Incident Response process.
  • The role embodies Cyber Network Defense; a successful Cyber Threat Analyst will be able to quickly analyze threats, understand risk, deploy effective countermeasures, make business critical incident response decisions, and work as part of a team of individuals dedicated to protecting the firm.
  • Maintains situational awareness of cyber threats across the global firm and takes action where necessary.
  • Countermeasure deployment across various technologies.
  • Malware and exploit analysis.
  • Assessing alerts and notifications of event activity from intrusion detection systems and responding accordingly to the threat.
  • Continuing content development of threat detection and prevention systems.

Experience and Skills

  • Systems administrator experience in Linux, Unix, Windows or OSX operating systems.
  • Knowledge of networking and the common network protocols.
  • Demonstrated ability to create scripts, develop tools, or automate processes
  • Knowledge of vulnerabilities and a comfort in manipulating exploit code for analysis.
  • Demonstrated ability to perform static and dynamic malware analysis.
  • Demonstrated ability to analyze large data sets and identify anomalies.
  • Demonstrated ability to quickly create and deploy countermeasures under pressure.
  • Familiarity with NIST framework for incident handling.
  • Understand OSINT techniques.
  • Experience leading and managing IR investigations.

One or more of the following certifications or the ability to obtain within 1 year:

  • CISSP: Certified Information Systems Security Professional
  • CCNA: Cisco Certified Network Associate
  • SANS: GCIH – Incident Handler
  • SANS: GCIA – Intrusion Analyst
  • CREST: Certified Incident Manager