Cyber Defence Analyst

Company Description

Introduction

OUTsurance is a customer-centric Financial Services company with a global foot print. We are vibrant, successful and values orientated with an awesome dynamic culture encapsulated by the ethos that clients and staff “always get something OUT.” Our success can be attributed amongst other things, to the outstanding people that work for us.

Adversaries are working around the clock to beat defences, compromise networks and steal sensitive company data. To stay ahead of the threats we are looking for an inspired, creative and dedicated Analyst who is passionate about security incident investigation & proactive threat hunting as well as collaborating with the relevant stakeholders to implement countermeasures to aid prevention, detection and response.

Job Description

Responsibilities

Adversaries are working around the clock to beat defences, compromise networks and steal sensitive company data. To stay ahead of the threats we are looking for an inspired and dedicated Cyber Defence Analyst who is passionate about cybersecurity. The successful candidate will need to have experience in network and security technologies and be capable of delivering high quality work within a technical environment.

• As part of this role, the analyst will be required to review alerts received via email or the SIEM platform and perform initial investigation, triage, and response. The response steps might require you to run additional scans, block domains/IPs, disable accounts etc.
• Assist in ensuring all critical and relevant log sources are ingested into the SIEM platform
• Assist in ensuring that all relevant hosts & sources are monitored across the environment, including cloud and on premise.
• Deployment or assist with deployment of technical solutions for detecting & preventing potential threats.
• Fine tune existing IoCs to reduce false positives.
• Assist in performing threat hunting activities.
• Mature the company’s Cyber Incident response plan, processes, and playbooks.
• Assist with running regular phishing simulations using the company’s security awareness solution.
• Work closely with the Offensive Red Team to mature detection capabilities.
• Assist with monthly reporting on alerts and incidents raised.

Competencies:            

• The successful individual would need to demonstrate the below listed:
• Strong analytical skills.
• Very strong interpersonal skills and the ability to build relationships.
• Critical thinking & problem-solving with strong decision-making mind-set.
• Takes initiative and works under own direction.
• Upholds ethics and values and demonstrates high levels of integrity.
• Methodically plans and organises tasks and projects.
• Demonstrate a high level of attention to detail.
• Adapts and responds positively to change.
• The ability to multitask and handle stress.

Qualifications

Qualifications/Experience

Essential

• 1+ years’ experience in IT Security, specialising in incident investigation & threat hunting using various tools and techniques.
• Ability to run an investigation from start to finish, including pivoting between data types and correlating events.
• Understanding the Attack life cycle.
• Experience with using SIEM platforms & technologies.
• Understanding of TCP/IP and networking concepts.
• Knowledge of IT security controls (Network IPS, Vulnerability Scanning, Endpoint Protection, Firewalls, Cloud Access Security Brokers).
• Experience with responding to phishing emails, malware analysis, network attacks and network traffic analysis.
• Familiarity and understanding of basic SQL and KQL queries.
• Strong knowledge of Windows and Linux.

Advantageous

• Exposure to different cloud services (Amazon Web Services, Azure, Google Cloud).
• Pentest/Red Team knowledge.
• Previous Security Operations Centre experience.
• Other relevant technology certifications, e.g. Red Hat Certified Admin, Azure Administrator Associate.
• Use of forensic analysis tools, e.g. Autopsy, Caine, SIFT
• Relevant industry security certifications such as: Security+, Network+, CySA+, other Blue Team training and certifications 

Additional Information

An ideal candidate will be able to align their personal work values to the OUTsurance values of Awesome Service, Passionate, Honest, Human, Dynamic and Recognition. Enthusiastic in dealing with challenges in a stressful, deadline orientated environment is essential.