13th October 2022
Security Incident Response Specialist
Cyber Security
London
Up to £66,000 per annum
Location: City of London (Hybrid)
On behalf of a Spencer Rose key client, we have a fantastic opportunity for an experienced Security Incident Response Specialist to join their established team based out of their London office. As a Security Incident Response Specialist, you will focus on cyber security incident triage, investigation and response. This involves carrying out technical investigations, along with focusing on improving our incident response capabilities and processes. You will review current IT Security Operations processes to ensure they are applicable and fit for purpose, and liaise with other departments to improve knowledge and understanding. You will also leverage incident response activities to identify improvements to our security posture, along with working to continuously enhance our monitoring & detection coverage.
Key Responsibilities:
- Maintain the Security Incident Management processes and procedures to support business policies and operations.
- Support, investigate and manage Security Incidents to a resolution and retrospectively implement improvements.
- Ensure efficient and effective proactive and reactive security monitoring and defence across the Group's information assets.
- To ensure regular KPIs are reported on and identify areas for improvement and make recommendations accordingly.
- To provide security incident response and ensure processes and procedures are efficient, effective and are tested regularly in line with policy.
- To develop and maintain operational checks to ensure the confidentiality, integrity and availability of the Group's information assets is maintained and in line with compliance and regulation.
- To ensure that all Audit and Data Protection requirements are met and adhered to by the Business and Security department, as well as assist in maintaining compliance against industry standards and regulations, e.g. DPA, PCI-DSS.
- To ensure the Group meets the requirements of PCI and other Security standards with respect to Security Incident Management.
- To proactively engage with stakeholders and system owners in the management, ownership, and treatment of information security risks within the Group.
- To work with third party security partners to mature and improve services provided to the Group.
Experience/Skills required:
- Experience working in an IT Security Operations role, preferably in a Financial Organisation, with knowledge in the following areas:
  - SIEM technologies, particularly Splunk
  - EDR tooling
  - Data Loss Protection tooling and process
  - Vulnerability Management
  - Microsoft Windows Server family of products.
  - Linux Operating Systems
  - Operational experience of PCI DSS
  - Thorough understanding of TCP/IP
  - Knowledge of Microsoft desktop applications essential.
  - Identity and access management systems
  - Knowledge of Microsoft’s E5 security capabilities is a plus
- Experience managing and co-ordinating security incidents, working closely with other security teams such as IT incident management, Crisis Management, BCM, Data Protection etc.
- Experience maintaining a current view of the cyber threats and being able to advise the business on the threat landscape and attacks which may be relevant.
- Hands-on experience of security monitoring tool configuration and maintenance.
- Security incident response capability maturity assessment.
- Deep technical knowledge of incident response and investigation processes.
- A strong technical background in a SOC, Digital Forensics or Malware Analysis.