CSIRT Incident Lead

Quaero Group
Uxbridge, London (Greater)
Up to 80k per annum plus benefits and Car allowance
12 Jul 2019
09 Aug 2019
IT, Security
Job Type

CSIRT Incident Lead - Uxbridge London

£70-80,000 pa

Please note that there is no visa sponsorship on offer. All candidates should therefore ensure they are eligible to work in the UK without the need for visa sponsorship before applying.

My client, a highly recognisable brand and market leader in their industry, are looking to hire a CSIRT Incident Lead to lead a Cyber Operations team which covers: event management; identity & access management; incident management and response; IT process interface; investigations and forensics; endpoint security operations; threat hunting; cyber security incident response (CIRT); and security monitoring.

Must Haves:

Familiarity with appropriate legal frameworks - GDPR being the key focus


Deep understanding of Risk Management Framework


Experience of working in an Agile environment as part of a multi-disciplined team


Strong knowledge and demonstrable experience of cyber security technologies and methods


Security event log collection and analysis


Strong experience in enterprise operating systems (Wintel; Linux; Unix)


Solid experience in multi-vendor networks and firewalls (Cisco, Palo Alto, Juniper)


Good experience in Database technologies (SQL, Oracle, DB2, Mongo)


Experience of vulnerability and threat assessment


Experience of Intrusion detection and prevention systems


Experience of Web-based application security including Akamai Kona, Apigee etc.


Ability to develop custom code (perl / shell scripting etc.)


Experience of Cloud systems and their architecture (Azure, AWS, Office 365)


Experience of working in a 24/7 Security Operations Centre environment or similar


Experience of Incident Handling processes and procedures


Knowledge of legal requirements for privacy of personal information from employees and customers


Demonstrable experience of working effectively with managed suppliers and vendors


Strong working knowledge of Splunk and log analysis in an enterprise environment


Exposure to numerous malware variations and IOCs.


Understanding of Java web applications and their security configurations.


Splunk (Core, ES and UBA)


Knowledge of protocols including E-mail / SMTP, DNS, SSL / TLS


Windows Active Directory and Policies




System Configuration including Microsoft Intune & SCCM


IBM Resilient


ITSM Tools including Remedy & Remedy CMDB


Nice to Haves:


Industry Standard qualifications and training (SANS; GIAC; CISP), and/or recognised security certifications

