24 x 7 Security Analyst Defensive Security Services

Job ID:40180
Location:Birmingham : 1 Trinity Park : Bi  
Position Category:Information Technology
Position Type:Employee Regular

About LRQA Nettitude #LI-Nettitude

 

Founded in 2003, LRQA Nettitude is an award-winning global provider of cybersecurity services, bringing innovative thought leadership to the ever-evolving cybersecurity marketplace. Through our research and innovation, we provide threat-led services that span technical assurance, consulting, and managed detection and response offerings.

 

We are driven by a desire to build and deliver the best cybersecurity propositions in the industry and stay abreast of the evolving legislative and regulatory landscape. This helps our clients to prioritize their cybersecurity risks, enabling them to focus on the activities that are core to their business.

 

We’re part of LRQA

LRQA is a leading global assurance partner, bringing together decades of unrivalled expertise in assessment, advisory, inspection, and cybersecurity services – underpinned by data-driven insights – to help its clients navigate a new era of risk.

 

Operating in more than 160 countries with a team of more than 6,000 people, LRQA’s award-winning compliance, supply chain, cybersecurity and ESG specialists help more than 61,000 clients across almost every sector to anticipate, mitigate, and manage risk wherever they operate.

 

 The role

Working as a key member of our 24x7 SOC team, you will use your expertise to detect and respond to threats of varying capabilities and sophistication within agreed SLAs. You will use next-generation SIEM, EDR, network monitoring, in house technology and commercial threat intelligence to deliver continuous monitoring and triage suspicious events, providing an assessment of risk/threat to enable efficient response.  

Not only will you assess threats using all information sources available to you, you’ll also be involved in projects that enhance our capability, ensuring we continue to build on our cutting-edge detection & response services, protecting our clients globally.

We don’t operate under the traditional SOC tiers, with no glass ceilings, and we prioritise development as part of our close knit, high-trust team. So, the passion and drive to get involved, make a difference and having an eye for detail is key to us providing a first-class service, supporting both our security mission and that of our clients.

 

 Location

Nettitude Managed Security Services have a flexible working policy and therefore we can support working from across the UK. There may be a requirement to attend our Birmingham office on occasion. All applicants will require residence in the UK.

 

What you’ll be doing in your role:

 

• Operate as part of the 24x7 SOC Monitor Team, providing proactive defensive monitoring to clients of all shapes, sizes and industries
• Utilise industry-leading security tools to investigate cyberattacks and be the first to detect and respond to real threats with diverse capability, sophistication, vectors and objectives
• Generate detailed, jargon-free Incident Reports of your findings, with actionable recommendations, mitigations, and investigative leads
• Maintain regular verbal and written communications with stakeholders, representing Nettitude internally and externally as required
• Create high-standard management and operational reports in a timely, concise, and actionable manner
• Support the creation and maintenance of use-cases, detections, threat hunts and playbooks using industry best-practice, detections frameworks and emerging threat intelligence
• Maintain an up-to-date global security awareness via a mixture of open, closed and commercial sources, inc. defensive monitoring technologies,  threats and trends
• Perform basic static and dynamic analysis as part of phishing email investigations
• Take part in Threat Hunting across multiple toolsets to proactively identify tactics, techniques and procedures commonly observed in advanced adversary operations; analysing and enriching data across clients environments, documenting findings and providing feedback and recommendations

 

Key Skills:

 

The following are the requirements for this role:

Technical:

• Good working knowledge of the Cyber Kill Chain and Mitre ATT&CK frameworks, specifically in understanding what stages an attack technique would be and how to interrupt it
• Developed knowledge of attack vectors, TTPs and the ability to differentiate between normal and abnormal activity using this knowledge, providing recommendations on countermeasures and remediations
• Ability to analyse and transform complex datasets across multiple formats and draw sensible conclusions from your analysis
• Strong understanding of Windows and Linux internals
• Working knowledge of enterprise devices and the logs they provide
• Strong understanding of languages such as Python, PowerShell, SQL and KQL

People:

• Strong communication and interpersonal skills in a customer-facing role
• Demonstrable ability to work with a high degree of autonomy, on personal projects and within a collaborative team
• Demonstrable dedication to continually grow and develop
• Be a self-starter, able to initiate and develop concepts and ideas into solutions
• Ability to attain Security Clearance (SC)

 

There are no formal requirements for any qualifications or certifications. We’re not looking for badge collectors; we look far deeper than that. However, one or more of the following may serve as an distinct advantage.

 

• SC-200: Microsoft Security Operations Analyst, AZ-500: Azure Security Engineer Associate or MS-500: Security Administrator Associate
• CREST CPIA, CRIA, CPTIA or above
• CompTIA certifications (Security+, CySA+)
• EDR-vendor certifications
• Azure/AWS/GCP Administrator/Engineer, DevOps or Data
• Defensive Security or similar industry recognised certifications (E.g GIAC, SBT) are also well received

 

What we offer:

 

We are a people-focused, high-performing managed security services team. We pride ourselves on our investment in our people, meaning as we are a fast-evolving team in an exciting working environment, you’ll always have opportunities to solve the latest cybersecurity challenges, with the responsibility and development opportunities to match.

 

Company benefits: 

 

• Intensive new starter training program, blending theory, hands-on labs, case studies, online and on the job training to help you hit the ground running
• Access to our interactive learning platforms via our partners, with encouragement to pursue subsidised external training & certification
• Frequently updated training & progression plans with multiple tracks of development, supporting lateral movement or upwards progression
• Generous annual training, cross-training and project days
• Yearly wellness day to be spent in the way that works best for you
• Recognition & rewards for individual, team and department performance
• Performance-based bonus programme
• Generous pension scheme
• Shift Allowance

 

An attractive remuneration package will be provided.

 

Apply?

We don’t expect candidates to tick all the boxes, if you feel your skills, knowledge and experience are a good match for the requirements and have a desire to learn and develop, we’d like to hear from you.

Apply now via the ‘apply’ button and upload your C.V. and cover letter.

Diversity and Inclusion at LRQA:

We are on a mission to be the place where we all want to work and we are passionate about embracing different perspectives because we understand the value this brings to our business, our clients and each other. We are all about creating a safer and more sustainable future and our inclusive culture is right at the heart of our business.

Together our employees make our communities better and we want you to be part of our diverse team!

LRQA is a leading global assurance provider.  The integrity and expertise we bring to our partnership with clients support their journey to a safer, more secure and more sustainable future. (Group entities).

Copyright © LRQA 2021. All rights reserved. Terms of use.  Privacy Policy.