Are you interested in Data and all its possibilities? Do you want to work on innovative, leading-edge projects for some of the world’s largest organisations?
At Converging Data, we deliver Data Analytics, Cyber Security and IOT solutions. We work across Healthcare, Financial Services, Transport and logistics, for customers such as NHS Digital and William Hill.
We’re looking for a Cyber Security Analyst to develop and run security processes day-to-day, working directly within the Security Operations Centre (SOC) team of one of our largest customers. You’ll focus on the detection, investigation, and resolution of security incidents by applying a blend of your technical skills, experience, and knowledge of security principles. You will contribute to the effectiveness and maturity of the team by contributing to tooling, updating and creating new play books, and keeping abreast of the latest patterns and trends within the wider security arena.
The quality of our people is the core of our business. If you have a genuine interest in the delivery of analytics-based security solutions, we want to hear from you. The work can vary enormously, and can be technically challenging, but we invest heavily in your training and you’ll have the support of a knowledgeable, friendly team.
Essential Skills and Experience
- Experience of handling sensitive and highly regulated data.
- Triage of security alerts, employing a methodical and coherent response to security incidents.
- SIEM tooling operation or administration (e.g. Splunk, ELK Stack, QRadar).
- Utilise playbooks, checklists, and online resources for guidance in response to incidents.
- Proactive development of SOC tooling, techniques, and processes to improve incident response.
- Propose improvements and recommendations to increase visibility and effectiveness of security monitoring systems.
- Perform technical analysis from varied data sources (endpoint event logs, SIEM data, dashboards, enterprise applications), then develop and present coherent and reasoned next steps.
- Leverage your technical skills, experience, and systems data to respond to complex security incidents in an innovative and effective manner.
- Use your hands-on experience and theoretical understanding of TCP/IP and other related network protocols: TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP.
- Command line experience and using/modifying basic scripts.
- Working knowledge of the Cyber Kill Chain and/or Incident Response Phases.
- Broad understanding of key security concepts/principles (CIA, threats, vulnerabilities, and exploits).
- Broad understanding of commonly-accepted attackers’ tools and tactics.
Desirable Skills and Experience
- Strong background in Information Technology.
- Proficient in some of the following within a corporate environment:
  - Endpoint operating systems (e.g. Microsoft, Linux, and/or OS X).
  - Core networking principles (e.g. switches, routers, wireless access points, Internet).
  - Infrastructure security devices (e.g. firewalls, proxies, IDS/IPS).
  - Supporting enterprise-level services (e.g. AD, DNS, DHCP, IIS, Apache, VPN/DA, Databases).
  - Anti-virus, anti-malware, ransomware, data leak protection.
  - Vulnerability management, endpoint forensics, intrusion analysis activities.
  - Cloud computing platforms (e.g. AWS, Azure, Google Cloud).
  - Open Source Security tools.
  - One or more from: Python, PowerShell, Bash, Java.
- Exposure to Agile/DevOps methods of working.
What we offer
As well as the opportunity to be part of a great team, delivering Cyber Security into some of the world’s largest organisations, we offer a competitive Salary + bonus.
We also provide a highly structured development plan which will see us invest heavily in your training and provide you with a high level of Splunk accreditation.
Work patterns are flexible, and you get to work with some nice people. If this sounds interesting, then get in touch and come and have a chat.
No agencies please.