Csirt Senior Cyber Security Incident Responder - Birmingham, United Kingdom - Engage ESM

Engage ESM, Birmingham, United Kingdom

Posted 2 weeks ago by Tom O´Connor, beBee Recruiter


Description

Publication Date: Mar 29, 2023
Ref No: 475958
Location: Birmingham, West Midlands, GB, B37 7YQ
The future is our choice

At Atos, as the global leader in secure and decarbonized digital, our purpose is to help design the future of the information space.

Together we bring the diversity of our people's skills and backgrounds to make the right choices with our clients, for our company and for our own futures.

As a Disability Confident employer, our aim is to ensure that disabled applicants who meet the minimum criteria for this position will be offered an interview. The data is only used for the purpose of providing additional support at interview.

The Opportunity

Location: Home based

Role & Responsibilities:


  • Lead cyber security incident response engagements covering incident handling and coordination, in-depth technical analysis, and investigation through to recovery
  • Identify patterns and behaviours related to threat actors and propose improvements to detection and protection capabilities
  • Ability to communicate complex cyberattacks to technical and non-technical audiences with recommended mitigating actions
  • Perform post-incident lessons learned, root cause analysis and incident reporting
  • Conduct threat hunting across a large range of security solutions and products: SIEM, WAF, IPS/IDS, Network Anomaly, AV, EDR
  • Lead and support Digital Forensics investigations and produce technical findings reports
  • Act as an escalation point to the SOC from a technical and consultative perspective
  • Play a key role within Purple Team activities
  • Post-incident consultation with presales or customers regarding their wider technology and posture, to aid readiness reviews and suggest the best-fit solutions to secure the customer
  • Support and mentor team members, driving continual improvements in incident response and threat detection

Required Technical and Professional Expertise

Required skills and experience:


  • Security incident response, coordination, communications, mitigation, and remediation
  • Experienced and hard-working Cyber Security Professional, specialising in Security Incident Response & Security Operations, with a minimum of 3 years' experience within a SOC or CSIRT function
  • Identification of threats through to resolution/mitigation, providing clear and meaningful communication
  • Document security incidents, both for reporting and from a case-study perspective
  • Conduct malware analysis to determine capabilities and aid the response to an incident
  • Digital Forensics experience across open-source and commercial tools, with knowledge of industry-standard process and methodology
  • Demonstrable ability to manage client interactions
  • Good interpersonal and communication skills
  • Ability to provide technical mentorship to both technical and non-technical audiences
  • Endpoint- and network-based analysis (EDR, WAF, IDS/IPS, NGFW, Network Anomaly etc.)
  • Experience with Microsoft Azure Cloud Security products
  • Intelligence-led threat hunting and methodology
  • Ability to hunt for known and unknown threats and disseminate intel into TECHINT/OPINT for IOC/TTP integration into SOC detection and protection capabilities
  • Support security content generation in rule/signature detection, with an understanding of rule logic, KQL and vendor-specific DevSecOps
  • Any sector-specific knowledge will also be helpful; an MSSP customer base covers many different sectors
  • Disassembly (low-level programming language) / reverse engineering experience will be helpful

Desirable skills and experience:


  • Industry recognised certification relating to Cyber Security Incident Response (desirable)
  • Offensive Security Certified Professional or equivalent (desirable)
  • GIAC certification in GCFE, GCFA, GCIH or GCIA (desirable)
  • SANS Defensive and DFIR certifications (desirable)
  • ISC2 CISSP (desirable)
  • Solid grasp of any of the following security frameworks: NIST, PCI DSS, ISO 27001 or The Critical Security Controls for Effective Cyber Defence
  • Understanding of compliance requirements and how these relate to cyber security business practices and controls

Behaviours:


  • Ability to remain calm and collected throughout the management and hands-on activities of a security incident
  • Ability to manage time and work to deadlines with strong prioritisation skills
  • Good interpersonal skills and ability to collaborate with multiple teams
  • Ability to understand technical engagements
  • Willingness to learn, question and continually develop

Our offering:


  • 25 days of annual leave, plus an option to purchase more through our Flexible Benefits
  • Flex benefits system: an exciting opportunity to choose your own benefits
  • Retail discounts
  • Pension matching contribution up to 10%
  • Private Medical Scheme
  • Life Assurance
  • Unlimited opportunities to learn on our training platforms
  • If you want to find out more or have questions, contact our recruiter Diana Mihaylova (LinkedIn)
  • Here at Atos, diversi
