Cyber Security Tasks:
Monitoring of corporate environment to identify security issues or incidents (Threat Hunting)
Monitor, Investigate, and perform root cause analysis on Security alerts and Incidents from multiple information sources. Including, but not limited to Darktrace, LogPoint, F-secure, Mimecast.
Responsible for managing the business IT vulnerabilities and paths to remediation, through the whole lifecycle to ensure safety and compliance for the company.
Investigate and analyse security matters, identify methods and solutions in response to security related queries including the ones, submitted by end users
Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture
Perform malware analysis and digital forensics where appropriate
Stay relevant and current on IT security trends, best practises, and threat landscape (0-day vulnerabilities, etc)
Own maintenance, renewal and distribution of SSL Certificates
Conducting and reporting Risk Analysis Assessments (Attack Vectors, Cryptography, Confidentiality law)
Contribute to planning and development of secure and effective Identity Management both on prem but also on cloud through Microsoft Azure
Participate in achieving and maintaining Security related certifications (CE+, PCI, ISO27001, etc)
Liaise with 3rd party and vendors on security issues and incident response
Contribute to the design & development of security standards, controls, and procedures
Develop procedures to maintain security and protect systems from unauthorised use and acts of abuse
Identify and promote continual service improvement of all cyber security systems
Updating the cyber security risk register
Documentation & Reporting:
Assist in development of company-wide best practices for Cyber Security
Document all security alerts, incidents and actions taken for both internal and regulatory use
Contribute to creation and maintenance of Cyber Security Operations Manual
Participate in audits, cyber security exercises and provide supporting documentation
Provide cyber security related reporting dashboards for use at different levels within the Society (Regulatory, Board updates, Vulnerabilities, etc)
Key Skills & Experience
At least 2 years hands on experience in a similar technical Cyber/IT Security/InfoSec based role (e.g SOC Analyst, Cyber Engineer, SIEM Engineer)
Experience with security tool sets (SIEM, EDR, NDR, Packet Capture / Analysis, etc.)
Hands on experience of SIEM & FIM monitoring
The ability to contextualise, categorise and prioritise security events, incidents, and alerts
Knowledge of security framework and standards implementation (NiST, ISO27001, PCI-DSS, etc)
Demonstrable passion and enthusiasm for security, including the ability to keep current with the latest threats, technologies, and trends
Thorough understanding of adversarial tactics, techniques, and procedures
Knowledge of infrastructure, cloud, virtualisation and network concepts and technologies, particularly in a Microsoft-centric environment
Technologies involved:
SIEM - Logpoint
Automated Intrusion and response - Darktrace
AntiVirus / Malware detection - F-secure, Bit Defender
Email Filtering & Web Security - Mimecast
FIM - Tripwire
VMware & VDI Horizon
Windows Environment
Microsoft Azure & O365
AWS
WAF
Duo Multifactor Authentication
Eames Consulting is acting as an Employment Agency in relation to this vacancy.
