Lead Cyber Security Analyst
This role sits within our Financial & Risk ("F&R") business.
This role will sit within the Security Operations group, which protects and defends the F&R enterprise. The Lead Cyber Security Analyst - CIRT Tier 3 will work both in a team environment and independently to analyze Information Security systems and threat intelligence to identify incidents and recommend mitigation strategies. This position will analyze information systems in order to detect and respond to potential threats in the environment. Additionally, they will act as the Lead Cyber Security Analyst in resolving security incidents.
- Serve as a focal technical lead on incident events and incidents
- Provide technical, hands-on incident investigation and support and serve as a primary point of contact with management
- Lead the investigative process for network intrusions and other cyber security incidents to determine the cause and extent of cyber attacks
- Summarize events and incidents effectively to different constituencies such as legal counsel, executive management and technical staff, both in written and verbal forms
- Manage the chain of custody for all evidence collected during incidents, security, and forensic investigations
- Monitor for and investigate suspicious or malicious activity and alerts
- Ongoing review of SIEM dashboards, system and application logs, and custom monitoring tools
- Perform advanced malware and threat analysis
- Monitor and analyze SIEM, UBA, network traffic, Intrusion Detection Systems (IDS), security events and logs
- Prioritize and differentiate between potential incidents and false alarms.
- Lead and train Tier 1 and Tier 2 incident responders in the steps to take to investigate and resolve computer security incidents.
- Stay up to date with current vulnerabilities, attacks, and countermeasures.
Qualifications / Requirements:
- Bachelor's degree in Computer Science/Information Security/similar major or 4+ years of related field experience
- 2+ years of work experience in Information Technology
- 5+ years of experience in security incident handling and forensics skills including knowledge of common probing and attack methods, network/service discovery, system assessment, viruses and other forms of malware.
- Experience mitigating and addressing threat vectors including Advanced Persistent Threat (APT), Distributed Denial of Service (DDoS), Phishing, Malicious Payloads, Malware, etc.
- Experience with Information Security technologies such as but not limited to SIEM, IPS/IDS, Vulnerability Management Software, User Behavior Monitoring, Unstructured Data Monitoring tools or Internet Content Filters.
- Experience reading and understanding system data, including, but not limited to, security event logs, system logs, and firewall logs
- Intermediate understanding of network technologies such as TCP/IP, IDS/IPS, firewalls, LAN/WAN, routing and switching.
- Intermediate knowledge of the following platforms in an enterprise environment - Microsoft Windows, Solaris, Linux.
- This position requires strong analytical skills and attention to detail in order to advise on how best to respond to abnormal network/system behavior.
- Must possess excellent written and verbal communication skills
- Travel (including international) may be required up to 15%.
- Evening and weekend hours expected during incidents
- Any of the following professional certifications are a plus: CISSP (Certified Information Systems Security Professional), CEH (Certified Ethical Hacker), CompTIA Security+, SANS GIAC
- Microsoft, Linux, Networking or related certifications
- Knowledge of offensive security techniques
- Experience working in a global financial company
- Knowledge of common security assessment frameworks such as MITRE ATT&CK Matrix, NIST, HITRUST, COBIT, etc.
- Familiarity with scripting languages and data analysis tools
- Experience leading small teams