Lead External Attack Analyst
Based in Preston/Frimley (Hybrid)
£60,000 - £70,000 per annum + 10% bonus
Must be eligible for SC Clearance
What you'll be doing:
Maintains the Global Attack Surface Management service to ensure perimeter assets are known and tested, and Shadow-IT assets are discovered and brought into governance
Assists with complex purple team operations by providing subject matter expertise on the available attack surface and known weaknesses
Ensures external attack surface assessments, highlights perimeter risks. Ensures resolution is being conducted in line with documented process
Identifying security weaknesses and misconfigurations ensuring they are raised with the appropriate resolver groups
Checking and protecting through monitoring, the global external attack surface and performing continual testing of security controls
Leading on policy implementation, high standards and best practices within Attack Surface Management and Active Defence
Is responsible for specific work areas and provides mentorship and expertise to others in the team
Supports the Active Defence Manager when required, particularly on forecasting future team operations
Is a subject matter expert (SME) on emerging threatsYour skills and experiences:
Essential:
Broad and detailed experience of technologies including but not limited to VPN appliances, Firewalls, Attack Surface Management, IDS/IPS, Endpoint Protection, Microsoft Operating Systems, Linux, TCP/IP, Networking, Cloud, CDN's, Web Server's, Open-Source tooling, and Vulnerability Management
A good technical background with a detailed knowledge of cyber security, computer networks and operating systems
Analytical background and is comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations
Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these
Is experienced in interpretation of threat intelligence and will work on complex issues with little need for supervision or support
Knowledge and demonstrable experience of the MITRE ATT&CK framework
The latest news, articles, and resources, sent to your inbox weekly.
My Client, one of the most robust internal cyber security teams in the UK, are looking to bolster there state-of-the-art CSOC and bring in a genuine Cyber Defence Specialist to help lead the technical function.This is a great opportunity for an experienced cyber security specialist to join an industry leading...
London
We are looking forthe right people to join us as we embrace the challenges thrown up by the advancements within the IT industry and within the threats faced. Nettitude will be at the forefront of this arena and we want to seek the right people to join the team and...
LRQA Birmingham
Location: PortugalAt IQVIA, we look for the very best people, and then give them meaningful work to do. We don’t simply think about careers, we think about contributions. Those who choose to work with us are joining a recognized global leader – a company uniquely positioned to help clients make...
IQVIA London
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and...
JPMorgan Chase & Co. Bournemouth
The Threat Intelligence Lead will own Canonical’s threat intelligence strategy and execution, including understanding of which cyber threat actors are targeting Canonical, and the use of intelligence on Tactics, Techniques and Procedures (TTP) to better our products and internal cybersecurity controls. You will collaborate with internal stakeholders as well as...
Canonical London
Rapid7’s AI Centre of ExcellenceThe AI CoE partners with cross-functional teams at Rapid7 to enable customers to assess risk, detect threats and automate their security programs. We ensure AI, ML and data science are applied in a meaningful way to add impactful value, best achieve business objectives and deliver ROI...
Rapid7 Belfast
