Incident Response Analyst

Employer
BAE Systems Digital Intelligence
Location
Guildford, London, Manchester
Salary
Competitive
Closing date
11 Sep 2022

Sector
Defence, Engineering, IT
Job Role
Security Consultant
Job Type
Permanent

Job Details

Incident Response Analyst

BAE Systems Digital Intelligence offers world-class Incident Response services to customers across the globe. Our team investigates some of the most complex nation-state threat actors and intrusions on a daily basis. We have a vacancy for a Digital Forensics & Incident Response Specialist.

The successful candidate would be expected to lead incident response investigations, conduct forensic analysis of Windows, Linux and macOS systems, analyse log files such as firewall, proxy and DNS logs, and conduct threat research and malware-based investigations. To help our customers prepare for incidents, the ability to create and deliver tabletop exercises, incident response plans and playbooks is also highly desirable.

Members of the Incident Response team are encouraged to learn about other areas of the wider business (such as Threat Intelligence and Security Testing), and there will be opportunities to cross-train and upskill if the successful applicant is interested.

We are looking for candidates with a strong technical background and deep understanding of the threat landscape that can be applied during emergency response and ongoing threat research.

Responsibilities:
  • Lead the investigation of cyber-attacks against our customers as part of the global Incident Response team.
  • Development of tradecraft in investigating complex attacks and mentoring of new joiners.
  • Conduct forensic analysis of Windows, Linux and macOS systems.
  • Perform analysis of log files such as firewall, proxy and DNS logs.
  • Assessment of tools, techniques, and procedures of different actors from hacktivist to criminal to nation state.
  • Design and deliver bespoke cyber incident tabletop exercises to our clients.
  • Create client specific cyber incident response plans and playbooks.
  • Deliver cyber incident response training to our clients.
  • Conduct incident response readiness assessments.


Requirements:
  • Strong subject matter expertise on investigating and responding to cyber intrusions.
  • Two years or more experience in investigating complex network intrusions (by state-sponsored groups or targeted ransomware attacks).
  • Experience using forensic tools such as EnCase, Axiom and Cellebrite UFED.
  • Awareness of EDR tools such as Carbon Black Response, Microsoft Defender for Endpoint or Tanium.
  • Self-starter with ability to identify problems early and come up with solutions using own initiative.
  • Ability to communicate complicated technical challenges in business language for a range of stakeholders from IT teams to C-level executives.
  • Ability to write Incident Response reports concisely and proficiently, as well as use graphics to illustrate scenarios or datasets.


Desirable skills:
  • Knowledge of or willingness to learn scripting/programming languages such as Python, PowerShell and C#.
  • Familiarity with the threat landscape and knowledge of threat actors and campaigns.
  • Certifications such as CREST (CCIM, CCHIA, CCNIA or CCMRE) or GIAC (GCFE, GCFA, GNFA, GCIH or GREM) are an advantage.

Life at BAE Systems Digital Intelligence

We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being.

Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential.

About BAE Systems Digital Intelligence

BAE Systems Digital Intelligence is home to 4,800 digital, cyber and intelligence experts. We work collaboratively across 16 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.

Launched in 2022, Digital Intelligence is part of BAE Systems, and has a rich heritage in helping to defend nations and businesses around the world from advanced threats.

Find Us
Location
Guildford, Surrey
GB