Junior Cyber Hunt Team Analyst


Premium Job From Rolls Royce

Recruiter

Rolls Royce

Listed on

24th April 2017

Location

Bristol

Salary/Rate

Competitive + Excellent Benefits

Salary Notes

Competitive + Excellent Benefits

Type

Permanent

This job has now expired; please search on the home page to find live IT jobs.

As a Junior Cyber Hunt Team Analyst you will work as part of the wider IT Security team, supporting a global collection of Cyber Security Operations Centres (CSOCs) in the overall management of cyber security incidents to successful resolution, and you will report to the Global Security Operations Manager. In this role you will be working within a niche team responsible for reducing cyber threats to the organisation. You will be required to understand the enterprise threat landscape in which Rolls-Royce operates and apply your knowledge using threat intelligence gleaned from the Enterprise tooling and the outsourced CSOCs. You will define the toolsets which best enable you to meet your objectives in hunting down cyber threats and vulnerabilities.

Rolls-Royce Cyber Hunt Team Analysts work within the threat management arena as part of an Advanced Cyber Unit (ACU). The team is tasked with actively identifying threat agents attacking (or planning to attack) the organisation and quelling the problem at the earliest possible juncture. They are also tasked with ensuring that future attacks from the same threat agent are unsuccessful.

The team's remit is the detection, disruption and eradication of threat actors from Rolls-Royce by:

* Identifying who has attacked / is about to attack the organisation. This involves analysing threat intelligence, evaluating threats and vulnerabilities and generating hypotheses.

* Understanding threat actors' modus operandi - how they work and what tools / technologies they use.

* Leading hunt exercises using threat intelligence, analysis of anomalous log data, brainstorming sessions and attack tree analysis to detect and eradicate threat actors.

* Suggesting modifications to internal defences and processes for more effective and efficient security operations.

* Providing expert analytic investigative support of complex security incidents.

* Assisting in the development of best practice within operational security.

Key Accountabilities:

* Utilising a variety of intelligence sources to maintain a strong awareness and understanding of the current threat landscape.

* Monitoring and analysing logs, packet captures and alerts from a variety of different data sources (IDS/IPS, Firewall, Proxies, Anti-Virus, SIEMs, etc.), across multiple platforms.

* Possessing a deep understanding of threat actor tactics, techniques and procedures, vulnerabilities, attacks and countermeasures plus an understanding of the cyber kill chain in relation to Advanced Persistent Threats (APTs).

* Providing situational security awareness by combining information from a variety of systems and normalizing / correlating the information.

* Identifying suspicious and / or anomalous activities and taking appropriate action based on documented processes and procedures, in whose development you will have a key role.

* Continuously seeking to identify potential service / tool improvements which will enhance the delivered services.

* Supporting the Global SOC in managing security incidents through all phases of the incident response lifecycle from identification through to closure including liaising with Rolls-Royce counterparts around the world to provide global coverage.

* Creating comprehensive security assessments which articulate security issues, analysis and remediation techniques.

* Assisting Customers and key stakeholders with security related issues and advice including escalating and explaining severe security incidents verbally and in writing.

* Defining toolset requirements, supporting the selection of appropriate tools and in some cases developing in-house capability to support the needs of the Advanced Analytic team's long-term strategy and technology roadmaps.

* Contributing to information sharing partnerships and conducting research on emerging security threats and potential customer impact.

Qualifications

Essential:

* A passion for security, learning, and knowledge sharing; analytical and curious mind-set to carry out investigations.

* Experience of using common security tools such as SIEMs and network mapping, vulnerability scanning, packet capture and data analytics tools.

* Experience of using ITIL compliant processes.

* Experience of network anomaly detection using traffic analysis or network intrusion detection systems.

* Experience of working within a Cyber Security Operations Centre environment and of managing cyber security incidents from initial to final resolution.

* CISSP, GIAC (GSEC), GCIH, CEH, CHFI or related security certifications would be an advantage, as would previous experience of working as part of a hunt team.

Desirable:

* Knowledge or experience of the following would be an advantage: SANS, GIAC, GCIA, SANS, GIAC, GCIH, CISSP, CCNA, MCSE.

* ITIL Intermediate Course in Service Operations or OSA.

* Passion for all things information technology and information security, natural curiosity and an ability to learn new skills quickly.

* Experience as a Security Analyst.

* A proven track record of delivery in a multi-disciplined environment.

* Demonstrable experience of security related incidents and work requests.

* Familiarity with industry leading security products.

* Knowledge of Full Packet Capture or SIEM toolsets and Intrusion Detection Systems.

Innovation is in our DNA at Rolls-Royce. We create integrated power solutions that continually break new ground across multiple markets.

Create momentum. Join us and you'll develop your skills and expertise to the very highest levels, working in an international environment for a company known the world over for excellence and innovation.

Trusted to deliver excellence.

We are an equal opportunities employer.

This role is subject to Full UK Security Clearance.
