This role is an exciting opportunity to join us and work within our Cyber Fusion Centre (CFC). As we continue to evolve our business models to keep them efficient and effective in the face of increased IT and digital threats, the CFC is a future-proofed Intelligence Hub: it is not just responsible for traditional “detection” and “response” of security incidents, but will monitor, react and detect in a way that informs decision making at every level of the business.
What you'll do:
- Analyse and investigate security incidents and phishing alerts as a first responder.
- Ensure timely, accurate and tailored remediation and countermeasure communications to internal users and teams regarding intrusions and compromises to on-boarded host and network infrastructure, applications and operating systems.
- Keep up to date with the latest security, vulnerability and technology developments.
- Assist with the creation and maintenance of security incident response documentation.
- Monitor and analyse advanced threat events, Security Incident and Event Management (SIEM), User Behaviour and Analytics (UBA) and Endpoint Detection Response (EDR) toolsets and event logs to identify security indicators of compromise, attacks and threats for remediation and/or suppression.
- Responsible for Computer Security Incident Response activities; work with various lines of security analysts (internal and external) to identify various malicious threats in the Group enterprise environment.
What you'll bring:
- 2/4 years' experience in security operations, security analytics or security engineering roles
- 2+ years' experience in investigative or incident response environments
- Excellent knowledge of Computer Networking and IT Security.
- Excellent knowledge of common operating systems (e.g., Windows, Linux and Unix)
- Good oral and written communication in English.
- Excellent knowledge of different threat scenarios and their incident response and remediation techniques