CSIRT Incident Lead

Recruiter: Quaero Group
Location: Uxbridge, London (Greater)
Salary: Up to 80k per annum plus benefits and car allowance
Posted: 12 Jul 2019
Closes: 09 Aug 2019
Sector: IT, Security

CSIRT Incident Lead - Uxbridge London

£70-80,000 pa

Please note that there is no visa sponsorship on offer. All candidates should therefore ensure they are eligible to work in the UK without the need for visa sponsorship before applying.

My client, a highly recognisable brand and market leader in their industry, is looking to hire a CSIRT Incident Lead to lead a Cyber Operations team whose remit covers event management; identity and access management; incident management and response; IT process interface; investigations and forensics; endpoint security operations; threat hunting; cyber security incident response (CIRT); and security monitoring.

Must haves:

- Familiarity with appropriate legal frameworks, with GDPR the key focus
- Deep understanding of a Risk Management Framework
- Experience of working in an Agile environment as part of a multi-disciplinary team
- Strong knowledge and demonstrable experience of cyber security technologies and methods
- Security event log collection and analysis
- Strong experience of enterprise operating systems (Wintel, Linux, Unix)
- Solid experience of multi-vendor networks and firewalls (Cisco, Palo Alto, Juniper)
- Good experience of database technologies (SQL, Oracle, DB2, MongoDB)
- Experience of vulnerability and threat assessment
- Experience of intrusion detection and prevention systems
- Experience of web application security, including Akamai Kona, Apigee etc.
- Ability to develop custom code (Perl, shell scripting etc.)
- Experience of cloud systems and their architecture (Azure, AWS, Office 365)
- Experience of working in a 24/7 Security Operations Centre environment or similar
- Experience of incident handling processes and procedures
- Knowledge of legal requirements for the privacy of employee and customer personal information
- Demonstrable experience of working effectively with managed suppliers and vendors
- Strong working knowledge of Splunk (Core, ES and UBA) and log analysis in an enterprise environment
- Exposure to numerous malware variants and IOCs
- Understanding of Java web applications and their security configuration
- Knowledge of protocols including e-mail/SMTP, DNS and SSL/TLS
- Windows Active Directory and Group Policy
- System configuration, including Microsoft Intune and SCCM
- IBM Resilient
- ITSM tools, including Remedy and Remedy CMDB


Nice to haves:

- Industry-standard qualifications and training (SANS, GIAC, CISSP) and/or recognised security certifications

