This Job Vacancy has Expired!

Cyber Intelligence Analyst

CBS butler

Posted on Jan 4, 2023 by CBS butler

City, London, United Kingdom
Immediate Start
£45k - £80k Annual

Cyber Intelligence Analyst

Salary: £45,000 - £80,000 (experience dependent)

Role clearance type: You must be able to gain and maintain UK Government clearance

Location: Remote with regular on-site presence in Cheltenham/London and other locations as the business requires.

Our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

Part of Northrop Grumman's Intelligence and Response (I&R) team, this role is a member of a small team that delivers computer network defence support in the UK, providing day-to-day security monitoring operations and services protecting NG's computing infrastructure from sophisticated threats and strategically positioning the infrastructure to defend against the threats of tomorrow. This position balances constantly shifting and competing priorities to respond to the fluid nature of the global cyber threat landscape.

Person Specification

Essential Qualifications/Experience

  • CSOC experience
  • Experience in the analysis of network communication protocols at all layers of the OSI model
  • Experience in an analytical role focused primarily on network forensic analysis
  • Evidenced experience of conducting analysis of electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations
  • Track record of using two or more enterprise level perimeter or endpoint security products
  • Experience of large data sets and high-performance computing systems in a high threat environment
  • Experienced in applying and developing cyber threat intelligence methodologies

Competency/Skill requirements

  • Adept at two or more analysis and forensic tools used in a CSIRT or similar investigative environment
  • Substantial awareness of current host, network vulnerabilities and exploits, advanced computer network exploitation methodologies and tools
  • Broad knowledge of current and evolving Information Technology and Information Security practices
  • Linux/Unix and Windows proficiency, including Shell (bash, powershell, etc.) Scripting
  • An advanced user of Perl, Python, or other Scripting languages preferred
  • Able to exercise sound judgment when escalating issues
  • A creative thinker, particularly around remediation and countermeasures to challenging information security threats
  • Self-motivated, able to work autonomously and collaboratively as part of a wider, virtual team
  • Excellent interpersonal skills, able to engage effectively with a wide range of stakeholders and customers
  • Fluent in written and spoken English
  • Strong analytical skills, adept at trouble-shooting and problem-solving, with excellent attention to detail
  • Flexible and responsive attitude
  • Highly-organised and proficient at multi-tasking, working with and resolving competing priorities
  • Strong customer orientation

Key responsibilities

  • Perform analytical duties to include security monitoring, host and network based log analysis, correlation of network threat indicators and PCAP data, analytical triage, incident response (both intrusion and privacy related)
  • Have knowledge of and be able to define and recommend security policy changes to security devices such as Firewalls, proxies, email gateways, Intrusion Detection/Prevention Systems, end-point application whitelisting and anti-virus solutions, and Data Loss Prevention solutions
  • Undertake network forensic duties including:
  • host- and network-based log analysis
  • correlation of network threat indicators and PCAP data
  • analytical triage and prioritisation of concurrent incidents
  • incident timeline generation
  • root cause analysis and remediation
  • independent generation of customized scripts to facilitate analysis and preparation of detailed written reports
  • Perform host-based cyber forensics investigations (including live memory and system image acquisition, maintaining chain-of-custody, producing investigative reports) in support of data recovery, Incident Response, HR/Ethics employee investigations, Insider Threat investigations, and Legal/litigation cases as needed
  • Collaborate with I&R and Strategic Counterintelligence (CI) analysts worldwide to co-ordinate a multi-tiered approach to cyber threat mitigation and tracking of trends which will result in the denial of current and future adversary actions
  • Perform malware analysis to determine and mitigate again adversary tactics, techniques, and procedures, and undertake or assist with reverse engineering of adversary tools
  • Execute cyber-threat hunting, vulnerability scanning, and penetration testing (as needed)
  • Generate custom Scripting and coding to facilitate effective processing of cyber threat related indicators and data
  • Carry out cyber-threat intelligence and counter-intelligence missions as a key component of the analytic role, including Cyber Kill Chain reconstruction, identification/analysis/mitigation of adversary infrastructure and avenues of approach, and research on adversary attribution and intentions
  • Conduct cyber-threat trend analysis and reporting, and devise pro-active mitigations to reduce risk
  • Provide security consulting and briefing support to company leadership in the areas of policy, cyber threats, cyber exercises, network security infrastructure/products
  • Assist in security architecture planning, design and testing of new technologies and capabilities to optimise security posture and cost effectiveness as needed
  • Assist in cyber security-related business development efforts, to include program capture efforts, proposal strategy and planning, resource assessments, and direct-charge program SOC support as needed
  • Establish and maintain positive working relationship with corporate network security stakeholders in EMEA and the U.S., as well as U.K. government/defence points of contact as necessary
  • Produce high-quality written threat activity highlights and monthly summary reports to be incorporated into summaries for highest level corporate leadership dissemination
  • Support production of cyber-threat educational material for employees.

Reference: 1844765776


Alert me to jobs like this:

Digital marketing manager in London, Full-time

Amplify your job search:

CV/résumé help

Increase interview chances with our downloads and specialist services.

CV Help

Expert career advice

Increase interview chances with our downloads and specialist services.

Visit Blog

Job compatibility

Increase interview chances with our downloads and specialist services.

Start Test