Company description:
HRO Digital is a specialist traditional recruitment business. HRO Digital is a brand of Verita HR Polska. Verita HR Polska is a Human Resources service provider operating under number 5694.
We are working as a recruitment provider searching on our Client's behalf for a person in the following role:
Cybersecurity Lead Analyst (GCO)
Responsibilities:
- Collaborate with colleagues across the Threat Detection and Incident Management areas to ensure rapid and focused identification and escalation of potential threat events.
- Provide support for Incident Response actions, contributing SME knowledge to ensure continuity and depth of investigation.
- Involvement in “Purple Team” and Threat Simulation activities, ensuring that the detection capability is accurately assessed and validated.
- Collaborate with the Threat Hunters on hypothesis-driven threat hunting and advanced data analysis.
- Apply structured analytical techniques and critical thinking to ensure consistent triage of threat events.
- Contribute to Post-Incident reviews, ensuring that the output is captured and used to continually improve detection posture.
- Provide expert-level advice and technical leadership to the team, driving the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes.
- Train, develop, mentor and inspire cybersecurity colleagues in area(s) of specialism.
- Identify new SIEM detection use cases, taking end-to-end ownership of delivery, including testing, triage documentation and training requirements.
Requirements:
- Technical expertise in analysing threat event data, evaluating malicious activity, documenting unusual files and data, and identifying tactics, techniques and procedures used by attackers.
- Expert-level knowledge and demonstrated experience in the analysis and dissection of advanced attacker tactics, techniques and procedures in order to inform adjustments to the control plane.
- Expert-level knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools, and the use of "Big Data" and cloud-based solutions for the collection and real-time analysis of security information.
- Detailed knowledge and demonstrated experience of common cybersecurity technologies such as IDS / IPS / HIPS, advanced anti-malware prevention and analysis, firewalls, proxies, MSS, etc.
- Excellent knowledge and demonstrated experience of common operating systems and platforms, including Windows, Linux, UNIX, Oracle, Citrix, GSX Server, iOS, OS X, etc.
- Excellent knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPsec, HTTP, etc., and of network protocol analysis suites.