Principal Security Specialist - Threat Defense
Posted on Oct 25, 2019 by Stanton House
Stanton House have partnered with a FTSE 250, leading IT Infrastructure provider, who are looking for an ambitious, experienced Principal Security Specialist to join and contribute heavily to the strategy and development of their expanding SOC. This rapidly growing, dynamic organisation pride themselves on 2 key principles: outstanding customer service and employee satisfaction - and last year were ranked the No.1 place to work based on this.
Working as part of the SOC, the Principal Security Specialist will be the most experienced technical go-to within the team, taking ownership of complex incidents, customer management and developing the company's SOC, which aims to double in size over the next year. You will be required to support Junior Analysts within the team, as well as supporting the Security Practice Lead to set the security strategy. There is no shift work involved with this role.
- Assist in the build out of the organisation's Cyber Security Services
- Help shape and improve the current tools and provide guidance to Junior Analysts
- Be a Subject Matter Expert on recent incidents - specifically around web applications, databases and desktop tools
- Build relationships with relevant stakeholders to successfully identify, evaluate and communicate new and ongoing cyber threats
- Use threat intelligence feeds and threat monitoring tools to identify data breaches and network compromises within the customer networks
- Identify areas of automation in existing platforms and provide guidance on how to improve this - SOAR
- Strong, hands-on experience with SIEM tools (e.g. ArcSight, Nitro, QRadar, Splunk, AlienVault)
- The ability to use relevant intelligence research tools to advise on the threat to clients
- Solid experience in Incident response, Forensic Investigations and Threat Actor Methodologies
- Relevant security certification - CISSP/CISM/GIAC/GCIH
- Strong communication, both written and oral - the capability to build rapport with customers and relay high-level, complex technical and intelligence-related information in layman's terms
- Help drive SOAR
- Knowledge of Technical Security Systems, Security Architecture, Security Technology, and associated Penetration Testing and Security Event Management methodologies
- Must have previously worked in a Cyber Security Incident Response role
- Previous client facing experience - MSP/MSSP
Please apply now and get in touch directly for more information.