About the Role:
Placed within our Cyber Threat Intelligence function, our Cyber Threat Hunting Analysts are responsible for carrying out in-depth analysis and research on the latest threats, as well as recommending effective remediation actions.
We are looking for you to join as a Threat Hunting Analyst. As a Cyber Threat Hunting Analyst, you will support the CSG in threat hunting and cyber security incident response, working proactively with the SOC analysis team to detect and defend against cyber threats facing the business.
What you’ll be doing
- Support threat hunting activities for the CSG in the defence against cyber threats.
- Support threat hunting team in day-to-day checklist(s), including log review, alert analysis, and investigation enrichment.
- Support the threat hunting team in the delivery of actionable threat intelligence, utilising known cyber threat frameworks such as MITRE ATT&CK and the Kill Chain.
- Support the delivery of out-of-hours threat intelligence support when required, such as during a major cyber security incident.
- Support the improvement and development of new CC-SOC content based on observed and measured cyber threat activity.
- Remain current on cyber security trends and intelligence (open source and commercial) to guide the security analysis & identification capabilities of the CC-SOC.
- Remain current on threats, exposures and mitigations (APT, zero-days, methods & tactics) that could impact the business.
- Deliver specialist investigation and analysis on cyber security incidents to support the Cyber Security Incident Response Team (CSIRT).
What you’ll bring
- Experienced in Information and Cyber Security, including working in a SOC.
- Experienced in common open and closed source intelligence tools and technologies.
- Experienced in common SOC SIEM technology applications including Splunk ES and Sentinel.
- Experienced in investigating security breaches and security incident management.
- Knowledge of specialist security technologies including CIS Benchmarks, Tenable and Qualys.
- Knowledge of specialist threat information sharing including STIX, TAXII, CiSP etc.
- Knowledge of network topologies and protocols.
- Knowledge of security risk management, incident response and crisis management.