Cyber Incident Response Analyst (CIRT)
The Company is an international leader in electronic and information technologies for defence systems, aerospace, data, infrastructure, land security and protection, and sustainable 'smart' solutions. They employ 4,000 people across the UK. In addition to achieving 'Investors In People' accreditation, they have won the Queen's Awards for Enterprise and International Trade. They are entering a period of expansion, offering exciting opportunities to work at the forefront of technology.
Salary: Highly Competitive
Key Skills: Incident Response/ Cyber Investigation/ Network Appliances/ Network Architecture
As a CIRT Analyst you will be responsible for providing incident response services to the company's clients, conducting threat hunting across available data sources, and conducting extensive research into new and relevant cyber-attacks, malware and threat-actor TTPs to support threat-led Security Operations and consultancy services. You will act as the subject matter expert for network investigations within the CIRT team, and will identify, contain and remediate cyber security incidents across large networks with support from other CIRT specialists. The role would ideally suit a seasoned incident responder or cyber investigator with experience of working with networking appliances. It would also suit a network administrator or architect looking to move into incident response.
Key Responsibility Areas:
- Report directly to the Senior CIRT Analyst, supporting the professional delivery of all CIRT services
- Act as the subject matter expert for computer networking and be the primary responder for network investigations
- Advise on how to best respond to any given incident
- Advise on how to best implement mitigation measures which might prevent or limit future incidents
- Provide expert cyber knowledge to clients and to the internal team
- Conduct threat hunting across available security devices, focusing on network monitoring appliances
Skills, Qualifications & Knowledge Required:
- Excellent technical knowledge of common networking and routing protocols (e.g. TCP/IP, BGP/OSPF), application-layer services (e.g. TLS, DNS, SMTP) and how they interact to provide network communications; packet-level analysis; firewall administration; network appliance log analysis; network intrusion detection and prevention systems; Snort rule creation and maintenance
- Hands-on experience with popular network, vulnerability assessment and penetration testing tools including Wireshark, Metasploit, Nessus and Snort
- Some knowledge of Cyber Security Incident Response processes and procedures
- Able to communicate technical information to non-technical audiences
- Hands-on experience with both commercial and open source network security appliances, including Niksun, pfSense and Security Onion
- Knowledge of host-based investigations including digital forensic principles and practices
- Experience in winning commercial bids and delivering technical services
- Experience developing commercial cyber security services
- Knowledge or experience in Penetration Testing
- Practical programming knowledge or experience in Python
As a member of the Institute of Recruiters (IOR), the Cordius team offers unrivalled expertise and a flexible, personal approach to recruitment within Engineering, Supply Chain and Technical disciplines. Our highly experienced team of specialist consultants offers professional and transparent services to match the individual needs of both clients and candidates.
Our Commitment to you
Here at Cordius Ltd. we work closely with our candidates to ensure that we provide you with a first-class recruitment service. Our recruitment consultants seek to ensure that the needs of both the employer and the candidate are met, producing a cohesive relationship and the best chance of success. Our Candidate Management Team is dedicated to helping you make the most of your CV and to supporting you through the recruitment process by offering advice on interview techniques and CV construction.