Jobs

    Senior Cyber Event Analyst - High Street, United Kingdom - NBC Universal

    NBC Universal
    NBC Universal High Street, United Kingdom

    1 week ago

    Default job background
    Technology / Internet
    Description

    Company Description
    We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to life through our theme parks and consumer experiences. We own and operate leading entertainment and news brands, including NBC, NBC News, MSNBC, CNBC, NBC Sports, Telemundo, NBC Local Stations, Bravo, USA Network, and Peacock, our premium ad-supported streaming service. We produce and distribute premier filmed entertainment and programming through Universal Filmed Entertainment Group and Universal Studio Group, and have world-renowned theme parks and attractions through Universal Destinations & Experiences. NBCUniversal is a subsidiary of Comcast Corporation.
    Here you can be your authentic self. As a company uniquely positioned to educate, entertain and empower through our platforms, Comcast NBCUniversal stands for including everyone. Our Diversity, Equity and Inclusion initiatives, coupled with our Corporate Social Responsibility work, is informed by our employees, audiences, park guests and the communities in which we live. We strive to foster a diverse, equitable and inclusive culture where our employees feel supported, embraced and heard. Together, we'll continue to create and deliver content that reflects the current and ever-changing face of the world.
    Job Description
    Responsibilities:
    NBCUniversal's Cyber Threat Operations team is responsible for providing cyber threat intelligence, event analysis, incident response and threat hunting for all areas of NBCUniversal in a highly collaborative, fast paced, and agile fashion. As a member of the Cyber Response team, a candidate can expect to utilise their technical expertise to assess, contain, and remediate cyber threats. The Sr Cyber Event Analyst is responsible for analysis, escalation and initial response actions of security events and alerts to incidents.
    The ideal candidate would have a working knowledge of current and relevant security technologies and how to apply them to cyber event analysis and response actions. A clear investigative methodology with a focus on preserving evidence and analysing data to form conclusions that will steer response directions. Experience analysing and responding to security events and incidents with practical and working knowledge of response analysis methodologies and enhancing security response processes.
    The role involves regular interaction with various groups and leadership within the organisation in order to accomplish job responsibilities. Working under the direction of the Manager, Cyber Response, the successful candidate will be responsible for participating in the following activities:
    • Day-to-day operational tasks related to the ongoing support of Cyber Operations.
    • Responsible for documenting evidence throughout the incident life cycle, conducting shift handovers, escalating security events to incident response, and providing support during cyber security incidents.
    • Responsible for the ticket queue triage: prioritisation, assignment and disposition of security incident tickets/events.
    • Responsible for analysing threat data from multiple sources and building evidence backed dispositions.
    • Responsible for front line triage and response including some containment and remediation actions such as network isolation of hosts and blocking indicators of compromise within security perimeter tools.
    • Analyst must keep detailed reports on all analysis activity, documented in the case management tool to validate process adherence.
    • Responsible for contributing to the creation and updating of new and existing SOAR playbooks and runbooks and general response documentation.
    • Identify operational gaps in security processes, provide ideas for solutions, and take ownership for implementation.
    • Act as a mentor for non-senior level Cyber Event Analysts.
    Qualifications
    Qualifications/Requirements:
    • Must live within a commutable distance to the office for any adhoc business needs.
    • Bachelor's Degree in an IT related field and/or equivalent work experience.
    • Experience in analysing cybersecurity events, and incidents.
    • Experience investigating network and host intrusions, malware, and phishing campaigns.
    • Working experience utilising centralised logging platforms to perform investigations (SIEM).
    • Minimum 4 years working in Cyber Defense field with experience in Incident Response, Security Analysis or Security Operations Center (SOC). (not an entry level position)
    • Previous experience supporting security response functions.
    • Working knowledge of core Enterprise IT concepts (web application architectures, networking, etc.).
    • Security experience with Cloud infrastructures (AWS, GCP, and/or Azure).
    • Experience with host-based and network-based forensics tools and analysis.
    • Knowledge of the cyber threat landscape to include different types of adversaries, campaigns, and the motivations that drive them.
    • Knowledge of industry recognised security and analysis frameworks (Mitre ATT&CK, Kill Chain, Diamond Model, NIST Incident Response, etc.).
    • Must be self-motivated and able to work both independently and as part of a team.
    • Strong communication (both verbal and written).
    • Well organised and detail oriented with ability to prioritise workload.
    • Ability to be on call and provide support during nontraditional working hours.
    Desired Characteristics:
    • Hands on experience working with Incident Response and Threat Monitoring SOC functions.
    • Previous experience providing incident response/SOC support.
    • Previous experience with various endpoint detection and response (EDR) technologies.
    • Previous experience working with various Forensics technologies to include EnCase, FTK, etc.
    • Demonstrated experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms.
    • Interest in conducting static, dynamic, or reverse engineering malware analysis.
    • Relevant certifications (GCIA, GCIH, GCFA, GNFA, etc.).
    Additional Information
    NBCUniversal's policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law. NBCUniversal will consider for employment qualified applicants with criminal histories in a manner consistent with relevant legal requirements, including the City of Los Angeles Fair Chance Initiative For Hiring Ordinance, where applicable.
    If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access as a result of your disability. You can request reasonable accommodations by emailing email protected .