Job Summary
OVERALL PURPOSE
The overall purpose of this position is to:
- Lead the management, deployment and operation of a portfolio of cutting-edge security solutions
- Monitor security events and incidents and assess the impact of published vulnerabilities in our environment
- Detect, hunt and automate event handling, detect malicious activity, improve detection rules and use cases
- Investigate events and incidents to determine risk and severity autonomously and with our MDR partner
- Define remediation plans and work closely with IT Engineering to rebuild/remove exposed components
- Continuously review incidents, security posture and systems, and enrich external sources of intelligence
- Support the business and work according to ITIL processes for incidents and requests
- Write both technical and business reports of security events and incidents
QUALIFICATIONS AND EXPERIENCE
- Relevant degree advantageous
- Minimum 2 years’ experience with Security incident handling
- Experience in a SOC is a strong advantage
- Certifications such as GCIH, GSEC, GCFA, CCNA, MCSA highly valued
- EDR, SIEM, Incident detection and response
- Software / Scripting Development skills
- Windows / Linux Security experience
SKILLS
- English at business level
- Good experience with alerts arising from SIEM tools
- Good knowledge of Microsoft Windows / Server and Linux common offensive techniques
- Good knowledge of EDR and EPP solutions
- Knowledge of Public Cloud and Threat Intelligence an advantage
- Exposure to penetration testing tools, firewalls, routers and switches an advantage
- Willingness to learn new technologies at a fast pace in a constantly evolving environment
- Flexibility, well developed sense of organization and personal responsibility
- Good scripting abilities with a good understanding of regular expressions
- Good knowledge of general IT systems and TCP/IP networking
COMPETENCIES AND BEHAVIOURS
- Good communications skills
- Highly organized and able to collaborate with virtual teams
- Strong interests in hybrid infrastructures and Microsoft 365 and Azure technologies
- Proven analytical and problem-solving abilities
- Curious and passionate about security, security incidents, detection and threat hunting
- Ability to effectively prioritise and execute tasks in a high-pressure environment
- Ability to design and draft creative and cost-effective solutions
- Result-driven, with a strong sense of service and excellence