Posted on May 7, 2020 by LA International Computer Consultants Ltd
CYBER SECURITY INTELLIGENCE ANALYST
IR35 STATUS: N/A
RATE - NEGOTIABLE
JULY START DATE
* SECURITY CLEARANCE REQUIRED.*
As the Incident Handling Officer dedicated to the interaction with Partners of the Organisation, embedded within the Computer Incident Response Centre (CIRC) working environment, the successful candidate will be required to use their knowledge and experience to work on Cyber Security Incident Handling and Reporting, with an emphasis on post-Incident Analysis.
Their role will involve fusing Cyber Threat Intelligence & Analysis from all relevant sources currently available to CIRC for redistribution based on existing MoUs, Technical Agreements and Industry Partnership Agreements. The incumbent will also be in charge of engaging with Cyber Threat Intelligence Stake Holders to improve the quantity/quality of information exchanged. The incumbent will maintain the content of existing information sharing platforms (ie MISP) as well as propose improvements. They will foster and maintain an active information sharing relationship with Partners and contribute to products.
*Collation/Analysis of Cyber Threat Intelligence.
*Dissemination of Cyber Threat Analysis to the appropriate audiences.
*Proactive engagement with the Cyber Threat Intelligence Community both internal/external to the organisation.
*Monthly reporting on approved KPIs for Cyber Threat Intelligence sources.
*Creation/maintenance of Standard Operating Procedures (SOPs) to support all aspects of their role.
*Monthly reporting to both the Customer and Business Stake Holders.
*Ad-hoc taskings from the Incident Management Section (IMS) in support of investigations.
*Improvement of processes for receiving, searching, analysing, and storing cyber threat data.
*Design/maintain/improve an automatic Cyber Threat sharing capability.
*Regular, at least monthly, Knowledge Transfer meetings with appropriate Stake Holders, focusing on:
  *Key Cyber Security Threats, particularly those that may have an impact on Significant Cyber Security Incidents, including relevant post-Incident Analysis.
  *Improvements to the Cyber Security processes currently in use.
  *Cyber Security Incident Trends.
Skills and Experience
*Significant demonstrable experience in a Cyber Security related environment, with an emphasis on both event analysis and post-Incident Management.
*Experience in liaising at both the technical and managerial level in the successful resolution of Cyber Security Incidents; the incumbent must have excellent written and spoken communication skills.
*Experience in producing accurate and meaningful reports, both technical and managerial, on activities related to Cyber Security Incidents.
*Experience / Education Equivalence: If the candidate has a RELEVANT degree (eg Computer Security), this counts towards equivalence for the demonstrable experience; however, irrespective of the candidate's education, some hands-on experience within an equivalent role is required:
*Essential to have one or more professional SANS (eg, GSEC, GCIA) and/or CISSP and/or CISM Certifications.
*Senior level of management and analysis of Cyber Security Incidents (ie Security Event Analyst experience), and/or configuration, operation, troubleshooting and management (ie Tools Specialist) in at least one of the following areas, and a high level of experience in several of the other areas: ArcSight products, Network Based Intrusion Detection Systems (NIDS), Host Based Intrusion Detection Systems (HIDS), Network security appliances and networking devices and associated management software, a variety of Security Event generating sources (eg Firewalls, IDS, Routers, Security Appliances), Computer Incident Response Centre (CIRC), Computer Emergency Response Team (CERT), Computer Forensics Tools (stand alone, online and network).
*Computer Security Tools (Vulnerability Assessment, Anti-Virus, Protocol Analysis, Anti-Spyware, etc.). Secure web design and development. Military communication systems and networks. Network, system and application level troubleshooting techniques.
*Ability to effectively manage own workload in a high tempo environment to Time, Quality and Standards.
*Ability to effectively communicate technical solutions to various audiences, both technical/non-technical.
*Be self-motivated and driven to follow-up Cyber Security Incidents to their logical conclusion.
*Ability to work in an International environment embedded in the Customer's location in mainland Europe.
LA International Computer Consultants Ltd is an HMG Approved Consultancy and operates as an IT & Engineering Consultancy or as an Employment Business & Agency, depending upon the precise nature of the work. For security cleared jobs or non-clearance vacancies, we welcome applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International Computer Consultants Ltd (Recruiter Awards for Excellence - Best IT, Best Public Sector & Gold Awards) and the most prestigious award that any business can receive, The Queen's Award for Enterprise: International Trade 2015.