Security Incident Analyst

SECURITY INCIDENT ANALYST required to work for a large telecommunications company based in Berkshire.

The Security Incident Analyst will be joining the expanding Security Team with a clear vision to deliver a safe experience of our brand for our customers, our staff and our shareholder. We want someone to come into the team to play a pivotal role in helping to continue to develop and shape our operational security against a backdrop of significant evolutionary change in our security capabilities.

We want a Security Incident Analyst who is easy to do business with, an approachable and trustworthy individual with a keen eye for detail to ensure that our security is the best it can be.

Responsibilities of the Security Incident Analyst include:

Day to Day Activities

• Continuous monitoring of security tooling
• Perform regular and ad-hoc Vulnerability Assessments.
• Reporting on vulnerabilities to the PVG via the alerts system.
• 'Spot checks' on logs on various systems.
• Building understanding and documenting logging for systems.
• Developing centralised logging, reporting and intelligence platforms
• Collect external intelligence information from wide ranging sources, translated into applicable format and disseminated accordingly
• 'Light touch' penetration testing with open source tooling (e.g. Metasploit)
• Reporting on security events and effectiveness of tooling
• Working with Internal Communications where needed to notify employees of new risks
• Defining and setting a Cyber Threat Level to be communicated to staff
• Continuous improvement to processes and procedures

Incident Related Activities

• Incidents would be reviewed alongside Incident Management to determine if the issue affects confidentiality or integrity of Three systems.
• If the issue is defined as a Security Incident, the CERT resource would take command and:
• Prioritise the incident according to a pre-defined security incident priority matrix.
• Make an assessment as to whether external stakeholders, like external forensic investigators need to be involved.
• Direct and co-ordinate all operations teams to contain and/or mitigate the issue.
• Ensure that if data needs collection it is completed in a forensically sound manner.
• Communicate with relevant stakeholders including Internal and Corporate Communications

The successful Security Incident Analyst will have:

• Experience performing security event and incident detection and handling in an operational environment such as SOC, CSIRT, CERT, etc.
• Experience reviewing and analysing Security Events from various monitoring and logging sources
• Knowledge of, and experience with packet analysis
• Experience in web site and web application security assessment or penetration testing
• An active knowledge of current trends in computer security, software/hardware vulnerabilities
• An active interest in current security research
• Ability to work as part of a CERT Team which may require rotational weekday/weekend on-call coverage
• Ability to work independently and with minimal supervision
• Ability to understand and implement technical vulnerability corrections
• Experience of malware analysis
• Scripting knowledge using BASH, Python, Perl, ruby
• Knowledge of multiple operating systems including Windows, Linux, Solaris
• Skills in Host and Network Forensics
• Robust networking knowledge including TCP/IP, MPLS, OSPF, BGP

To apply for the Security Incident Analyst please send your CV to caroline.kennedy@projectpeople.com

Project People is acting as an Employment Business in relation to this vacancy.