Security Threat Intelligence Analyst


Premium Job From Experis IT

Recruiter

Experis IT

Listed on

27th December 2017

Location

Norwich

Salary/Rate

Negotiable

Salary Notes

Negotiable

Type

Contract

Start Date

January 2018

This job has now expired. Please search on the home page to find live IT jobs.

Security Threat Intelligence Analyst - Norwich - 3-6 Month Contract

My client, a large outsourcing organisation, is looking for a number of Security Threat Intelligence Analysts to join them in Norwich to assist one of the insurance clients they provide services to. The role is for a number of people to join initially for 3-6 months and can offer a competitive daily rate.

The role is within a global business and technology leader that innovates in research and development to shape the future of society at large, a company that is always innovating and thinking ahead.

Job requirements

* Candidates should have around 8 years of experience in IT Security and 4 years of experience in Threat Analysis, Hunting & Use case Design.

* Hunting for indicators of compromise (IOCs), using various toolsets, based on intelligence gathered (including internal, external and 3rd parties)

* Using intelligence on emerging threats to develop attack detection playbooks, additional defense plans and strategies

* Ability to recognize, deduce and research attacks and attack patterns

* Using knowledge and experience of attacker behavior and tactics, techniques and procedures (TTPs) to drive detection of threats across the enterprise by combining the log output of different security devices to build use cases

* Conduct system threat modelling to improve threat detection

* Ability to decompose threats and map them to the kill chain, design use cases for detecting the threat at each stage of the kill chain, identify the right controls, log sources, rules and threat feeds required for each use case, and develop play/run books for detection and response for the use case designed

* Ability to translate security impacts to the wider business

* Knowledge of cyber security threats, threat actors and their associated TTPs

* Skills to analyse attack vectors against a particular system to determine attack surface

* Ability to produce attack models applied to a scenario

* Ability to demonstrate problem areas using kill-chain techniques and attack path analysis

* Knowledge of security controls, how they can be monitored, and thwarted

* Knowledge of log formats for syslog, http logs, DB logs and how to gather forensics for traceability back to a security event

* Experience with security devices such as SIEM, IDS/IPS, HIDS/HIPS, anomaly detection, Firewall and Antivirus systems and their log output

* Network forensics: network traffic protocols, traffic analysis (i.e. Network flows and PCAP), intrusion detection

Additional Desirable Job Requirements

* Takes an active part in the gathering, analysis, and communication of threat intelligence through the intelligence process/life-cycle

* Provide intelligence briefings to other areas of the business on threats or threat actors and the risk they bring to the environment

* Coordinates the planning, development and production of communication materials using various communication vehicles

* Interface with Security Operational Center (SOC) management and related internal groups for review, production, and dissemination of content

Optional Technical Competence

* Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat)

* Experience in technical publication management

About the client:

A globally integrated enterprise, operating in over 170 countries. Its employees bring innovative solutions to a diverse client base to help solve some of their toughest business challenges. In addition to being the world's largest IT and consulting services company, it is a global business and technology leader, innovating in research and development to shape the future of society at large. Its research, development and technical talent around the world partner with governments, corporations, thinkers and doers on groundbreaking real-world problems to help make the world work better and build a smarter planet.
