Cyber Security Analyst / Threat Hunter
Reading - 1 / 2 days per week in the office
£55,000 - £65,000 + benefits
Fantastic new permanent opportunity for an experienced Cyber Security Analyst with this market leading global manufacturing business based in Reading. Reporting into the Cyber Security Operations Manager and as part of a larger global cyber security team you will provide subject matter expertise in operational support for the day-to-day activities of the Global Security Operations Services.
You will be responsible for the effective triage and escalation of all incidents to the Leadership Team where required and will act in an advisory and SME capacity on all projects and initiatives, effectively assisting, planning, and technically implementing solutions where required and assigned to do so.
Main responsibilities:
- Ensure the efficient and effective operation of security infrastructure and delivery of security services within on-prem, operational technology (OT) and native cloud infrastructure such as Azure and GCP.
- Develop new monitoring and detection capabilities in the SIEM, network and endpoint security platforms, aligned to the MITRE ATT&CK and Cyber Kill Chain frameworks.
- Act as second / third level support: review operation logs and event console activity to determine the cause of security-related events or to identify potential security-related events.
- Leverage known adversarial tactics and techniques and threat hunting skills to ensure security tools are properly configured to monitor, detect and alert on malicious behaviour, and provide recommendations or changes to configurations, tooling or processes accordingly.
- Develop and refine event detection, incident response and forensics technical capability and procedures globally, constantly evaluating and improving alerting and investigation fidelity.
- Leverage next generation security tools such as SOAR to help further the company's security practice.
- Provide guidance and advice to management and act as an escalation point and advisor to other security analysts within the cyber security team and across other IT teams within the organisation.
- Provide Cyber Security consultancy to the wider teams on security requirements and solutions for projects and global initiatives.
- Utilise threat intelligence and vulnerability analysis/data to define actionable rule tuning and threat hunting activities, liaising with MSSP and EDR services.
Skills Required:
- Proven background in a similar Security Operations focussed Cyber Security Analyst position.
- Proven background in cybersecurity Threat Hunting, Threat Intelligence, Security Operations Centre / Managed Detection and Response (MDR/SOC) or an in-house Security Operations function (Blue Team).
- Strong knowledge of the MITRE ATT&CK and Cyber Kill Chain frameworks and how to translate attackers' tactics, techniques and procedures (TTPs) into enhancements of current and future security tooling.
- Strong technical experience and knowledge in handling and investigating security incidents, including writing up findings or lessons learned for Senior Leadership.
- Strong knowledge of working with Endpoint Detection and Response (EDR) platforms such as SentinelOne, CrowdStrike, Carbon Black or Sophos.
- Strong experience and knowledge of investigating security incidents using EDR and SIEM based technologies, including reporting investigations to Senior Leadership.
- Knowledge and understanding of information risk concepts aligned with the CIS Top 18, and how to implement technical controls to monitor and address these risks.
For any further queries regarding the role, please contact Danny Palmer on or at