Cyber Security Incident Responder

Cyber Security Incident Responder

Description

This role would suit someone who has worked with a diverse set of IT and Security functions and tools, across a large on-premise and cloud environment.

You will be proficient in incident response with an understanding of real-world APT tools, tactics, and procedures, and be able to quickly determine the nature of the threat and deliver the appropriate response. Also using this knowledge to aid in a proactive approach to incident preparation and detection.

The role would suit someone with a technical background who is able to work in a team but is also able to work on their own when required. The ability to communicate effectively, constructively, confidently, and professionally is key. The successful candidate will be responsible for participating in the day-to-day operations of the IR team & its improvement strategies, including stakeholder management internally and with external partners.

A key focus for the successful candidate will be around building on the response capabilities that are already in place for our cloud platforms, as well as expanding our relationships with our 3rd parties and group entities.

Essential Skills

• 2+ years of experience conducting security incident response investigations
• Recognised qualifications or experience in Computer Science / Information Security or equivalent industry qualifications
• Experience of incidents in the cloud as well as the appropriate responses required
• Demonstrated experience in cloud-based infrastructure including Microsoft Azure; Office 365; Amazon AWS and Google Cloud
• Proven experience of developing in-house response tools and capabilities utilising automation where possible
• Ability to correlate events from various sources to create incident timelines, as well as combining events for trend analysis over longer periods of time
• Be independent and self-motivated to overcome new challenges, often cases which no one internally has ever faced before
• Ability to actively manage workloads to meet business and department requirements
• To be able to demonstrate a professional, calm, and expert manner always, while also being able to show leadership during stressful situations
• Experience of reverse-engineering malware samples and C2 protocols
• Experience of conducting and participating in tabletop exercises with the wider security operations team
• Demonstrated experience in stakeholder management both internal and 3rd party engagements

Desired Experience

• Some practical programming knowledge or experience in writing scripts in languages such as Python, PowerShell, and Bash
• Basic knowledge of common networking and routing protocols (e.g. TCP/IP), services (e.g. TLS, DNS, SMTP)
• Understanding of Windows event log analysis
• Mentoring and team-working skills – ability to mentor as well as to learn from other team members
• Ability to review peer incident notes and reports with a keen attention to detail and excellent analytical skills
• Understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks
• Experience in Blue/Purple team engagements
• A basic understanding of digital forensics in relation to networks, volatile and disk
• Collation of statistics for upper management briefing packs

About Admiral

We're Wales’ only FTSE 100 company. We have forward-thinking approaches and provide endless opportunities to test, learn and grow. There's a reason we've been named a Best Place to Work: our progressive culture, core values, and commitment to diversity and inclusion have created a working environment where people share ideas, aren’t afraid to speak up and change things, and above all, feel valued.

Admiral has grown from being a small start-up into a multi-national organisation. The company is constantly investigating new products, services and markets and is now present in eight countries with a diverse product portfolio.

Our success goes hand-in-hand with having a strong culture where we put our people and customers first. Our philosophy is simple yet effective: people who like what they do, do it better, and this, in turn, means that our customers receive the level of service and products that they deserve. Our culture is honest, open and wholeheartedly focused on four key areas:

Communication, Equality, Reward & Recognition, and Fun.

Salary, Benefits and Work-Life Balance

We do not have a set salary for this position, as it will be dependent on the successful candidate’s experience. We are happy to see CVs from all candidates who meet the requirements and will be happy to discuss the remuneration package.

At Admiral, we are proud to be a diverse business where we put our people and customers first. We have great benefits to ensure employees have a great work-life balance; it's one of the reasons we're voted no. 1 in the 2019 Sunday Times Best Big Companies to Work For in the UK. We want you to have an element of freedom to define a working lifestyle that supports this, so accommodate flexible hours wherever possible.

You can also view some of our other key benefits here; https://admiraljobs.co.uk/employee-benefits/.

If you think this role is for you and would like to be considered for this opportunity, please click “apply now” to complete an online application form.

Please note, we are unable to accept CVs via email and from agencies. 

#LI-LP1