
Job Description

Job Tasks:

· Monitoring of corporate environment to identify security issues or incidents (Threat Hunting)

· Monitor, investigate, and perform root cause analysis on security alerts and incidents from multiple information sources, including but not limited to Darktrace, LogPoint, F-Secure and Mimecast.

· Responsible for managing the business IT vulnerabilities and their paths to remediation through the whole lifecycle, to ensure safety and compliance

· Investigate and analyse security matters, and identify methods and solutions in response to security-related queries, including those submitted by end users

· Perform malware analysis and digital forensics where appropriate

· Drive internal phishing campaigns (KnowBe4 platform) and work with management and HR - Training to raise Cyber awareness within the corporate environment

· Stay relevant and current on IT security trends, best practices, and the threat landscape (0-day vulnerabilities, etc.)

· Own maintenance, renewal and distribution of SSL Certificates

· Conducting and reporting Risk Analysis Assessments (Attack Vectors, Cryptography, Confidentiality law)

· Contribute to the planning and development of secure and effective Identity Management, both on-premises and in the cloud through Microsoft Azure

· Participate in achieving and maintaining security-related certifications (CE+, PCI, ISO27001, etc.)

· Liaise with third parties and vendors on security issues and incident response

· Contribute to the design & development of security standards, controls, and procedures

· Develop procedures to maintain security and protect systems from unauthorised use and acts of abuse

· Manage the day-to-day operations of the security systems by monitoring system performance, configuration, maintenance, versioning, and repair

Key Skills & Experience

· At least 2 years of hands-on experience in a similar technical Cyber/IT Security/InfoSec role (e.g. SOC Analyst, Cyber Engineer, SIEM Engineer)

· Experience with security tool sets (SIEM, EDR, NDR, Packet Capture / Analysis, etc.)

· Hands-on experience of SIEM & FIM monitoring

· The ability to contextualise, categorise and prioritise security events, incidents, and alerts

· Knowledge of security framework and standards implementation (NIST, ISO27001, PCI-DSS, etc.)

· Demonstrable passion and enthusiasm for security, including the ability to keep current with the latest threats, technologies, and trends

· Thorough understanding of adversarial tactics, techniques, and procedures

· Knowledge of infrastructure, cloud, virtualisation and network concepts and technologies, particularly in a Microsoft-centric environment

· Strong attention to detail with an analytical mindset and the ability to spot and investigate anomalous behaviour

Technologies involved:

· SIEM - Logpoint

· Automated Intrusion and response - Darktrace

· Antivirus / malware detection - F-Secure, Bitdefender

· Email Filtering & Web Security - Mimecast

· FIM - Tripwire

· VMware & VDI Horizon

· Windows Environment

· Microsoft Azure & O365

· AWS

· WAF

· Duo Multifactor Authentication

Eames Consulting is acting as an Employment Agency in relation to this vacancy.