CSIRT Incident Lead

Recruiter: Quaero Group
Location: Uxbridge, London (Greater)
Salary: Up to 80k per annum plus benefits and car allowance
Posted: 12 Jul 2019
Closes: 09 Aug 2019
Ref: CSIRT/HM/CS/221
Sector: IT, Security
Job Type: Permanent

CSIRT Incident Lead - Uxbridge London

£70-80,000 pa

Please note that there is no visa sponsorship on offer. All candidates should therefore ensure they are eligible to work in the UK without the need for visa sponsorship before applying.

My client, a highly recognisable brand and market leader in their industry, are looking to hire a CSIRT Incident Lead to lead a Cyber Operations team which covers event management; identity & access management; incident management and response; IT process interface; investigations and forensics; endpoint security operations; threat hunting; cyber security incident response (CIRT); and security monitoring.

Must Haves:

Familiarity with appropriate legal frameworks - GDPR being the key focus

Deep understanding of Risk Management Framework

Experience of working in an Agile environment as part of a multi-disciplined team

Strong knowledge and demonstrable experience of cyber security technologies and methods

Security event log collection and analysis

Strong experience in enterprise operating systems (Wintel; Linux; Unix)

Solid experience in multi-vendor networks and firewalls (Cisco, Palo Alto, Juniper)

Good experience in database technologies (SQL, Oracle, DB2, Mongo)

Experience of vulnerability and threat assessment

Experience of intrusion detection and prevention systems

Experience of web-based application security including Akamai Kona, Apigee etc.

Ability to develop custom code (Perl / shell scripting etc.)

Experience of cloud systems and their architecture (Azure, AWS, Office 365)

Experience of working in a 24/7 Security Operations Centre environment or similar

Experience of incident handling processes and procedures

Knowledge of legal requirements for privacy of personal information from employees and customers

Demonstrable experience of working effectively with managed suppliers and vendors

Strong working knowledge of Splunk and log analysis in an enterprise environment

Exposure to numerous malware variations and IOCs

Understanding of Java web applications and their security configurations

Splunk (Core, ES and UBA)

Knowledge of protocols including e-mail / SMTP, DNS, SSL / TLS

Windows Active Directory and Policies

CASB

System configuration including Microsoft Intune & SCCM

IBM Resilient

ITSM tools including Remedy & Remedy CMDB

Nice to Haves:

Industry standard qualifications and training (SANS; GIAC; CISP), and/or recognised security certifications