Senior Cyber Incident Response Analyst - Canary Wharf

IT/Information/Cyber Security
Ref: 68 Date Posted: Monday 01 Jun 2020
LinkedIn ShareShare
Company: Financial Services
Location: Canary Wharf, London
Reports to  EMEA CIRT Lead
Salary: £70,000 - £90,000

The Role

As a Senior Cyber Incident Response Analyst, you will be part of the Global Technology, Cyber Security team that develops and oversees the company's security program, ensuring the company is protected from existing and emerging threats. Working with the various teams, the Senior Cyber Incident Response Analyst will follow appropriate procedures that are in place to detect and respond decisively to security incidents, assist with incident response-related activities within the US and providing support globally.
Primary Responsibilities:
• Coordinate and triage response to cybersecurity events and conduct forensic analysis
• Understand the threat landscape through collaboration with the Threat Intelligence team and other stakeholders
• Work with a team of threat hunters to proactively identify security events 
• Support incident response related activities
• Develop and follow standard operating procedures and playbooks to align response activities with best practices
• Deliver actionable incident metrics to management
• Follow the end-to-end incident response lifecycle
Required Qualifications:
• Working knowledge of common attack vectors and penetration techniques
• Excellent communication skills to effectively present to different business and technical audiences
• Demonstrated experience handling security events in critical environments
• Experience analysing system and application logs to investigate security and operational issues
• Demonstrated experience utilizing an SIEM (Splunk, LogRhythm, SolarWinds) in investigating security issues
• Strong knowledge of current enterprise detection and monitoring technologies and processes
• 3+ years of information security experience and prior experience focused on incident response activities
• Ability to work in an "on-call" status as necessary
• Organization skills with the ability to multi-task and identify priorities, work with cross-functional global teams, and execute on schedule
• Passion for security
• Ability to communicate to a technical and non-technical audience
• Excellent report writing and presentation skills
• Comfortable working in a fast-paced, exciting environment
• Advanced knowledge of network protocols (TCP, IP, HTTP) and operating systems
Preferred Qualifications:
• Degree in Computer Engineering, Computer Science, or Information Systems Management preferred 
• Experience in the financial services industry preferred
• Familiarity with threat hunting techniques preferred 
• Coding/Scripting in any major language (.NET, Java, Python, Ruby, PowerShell) preferred 
• Windows and Linux administration tools and concepts preferred