Reading -Hybrid working - required to be in the Reading office minimum 2 days per week
Competitive package and benefits
We are looking for Cert Consultant for a leading telecom company in Reading and this role is responsible for providing subject matter expertise and guidance to Security professionals and Partners that own the day-to-day safeguarding of customer information and physical assets of the company
- Provide oversight and governance of our Security Operations Centre (SOC) to assure operational effectiveness to identify and detect security threats, coordinating an effective rapid response and recovery.
- Responsible for Vulnerability / Threat Management and Security Critical Incident Response
- Establish, monitor, evaluate and report in a professional manner; clearly highlighting the current state of Security Operations and any associated risks
- Responsible for the tactical management of cyber security incidents; the direction of response activities (in accordance with NIST SP800 60 R2); including the supervision of Cyber Security Analysts.
- Demonstrate effective Partner and internal team collaboration to identify and drive capability maturity levels
- Responsible for driving the proactive use of security tooling and partner services in protecting customer, business and employee information.
- Contribute to ensuring Client's UK Security Policies, Standards and contractual requirements are delivered
- Provide support in proactive and effective oversight (and where appropriate challenge) of the technology and security risk management frameworks, methodologies, processes, assurance, remediation and reporting activities across the company.
- Work with technology, Security and business stakeholders to help identify, define and prioritise pragmatic and efficient remediation activities in relation to risk and control issues identified. Where Residual Risk is above appetite, facilitate the Risk acceptance process.
- Effective governance of external partners and internal teams to deliver and assure Security Operations services to the business
- Effective governance of the Vulnerability Management programme
- Effective governance of Threat Management and Security Incident Response capabilities
- Lead appropriate and focussed Cyber Threat Intelligence (CTI) services
- Lead and assure effective intelligence led Threat Hunting capability
- Lead and assure effective cyber threat detection capability
- Develop and contribute to documentation required by Security Operations functions and capabilities
- Support the Security Operation Lead in technical and strategical decision making
- Must have at least 5 years' experience working in cyber security operations.
- Must have practical experience of working in a security incident response team and leading the technical response to cyber security incidents and be able to act as the incident manager.
- Must have experience working with cyber security tools and technologies including endpoint security, email security, network security tools, SIEM and SOAR etc, and be able to optimise such tools.
- Must have a have experience in Vulnerability / Threat management including threat intelligence and threat hunting.
- Must have good written and oral communication skills, including incident reporting and stakeholder management.
- Must have experience in creating and documenting processes (processes, procedures, playbooks etc).
- Must have experience working at pace within a complex operational environment / large enterprise network.
- Must have the ability to develop use cases / detections based on frameworks such as MITRE ATT&CK.
- Responsible for mentoring cyber security analysts to develop, improve skills and knowledge.
- Security related certifications are desirable, particularly blue team certs such as SANS / GIAC.
- Understanding of cyber security standards and frameworks (ISO27001, NIST, SANS, OWASP etc).
- Scripting knowledge would be an advantage including PowerShell, Python, and Bash etc.
- Up-to-date knowledge of current exploits, vulnerabilities, threats, and security analysis techniques.
- Knowledge of TCP/IP, network protocols, OSI model, routing and switching and packet analysis tools.
- An appreciation for digital forensics and maintaining the chain of custody.
- Experience of conducting deep level investigation and analysis, such as malware reverse engineering, using different toolsets is desirable.
- Understanding of various operating systems, including Windows and Unix.
- Knowledge of penetration testing processes and techniques is desirable.
- Working knowledge of one or more SIEM solutions.
- Experience of improving the maturity level of security controls in line with industry best practice and standards.
Project People is acting as an Employment Agency in relation to this vacancy.