Senior Cyber Defence Analyst at OUTsurance

Introduction

OUTsurance is a customer-centric Financial Services company with a global foot print. We are vibrant, successful and values orientated with an awesome dynamic culture encapsulated by the ethos that clients and staff “always get something OUT.” Our success can be attributed amongst other things, to the outstanding people that work for us.

Adversaries are working around the clock to beat defences, compromise networks and steal sensitive company data. To stay ahead of the threats we are looking for an inspired, creative and dedicated Senior Analyst who is passionate about security incident investigation & proactive threat hunting as well as collaborating with the relevant stakeholders to implement countermeasures to aid prevention, detection and response.

The role is part of the Information Security function that is responsible for all strategic security planning and control oversight to ensure that effective security related risk mitigation takes place throughout the company and as governed by the Group Cyber Security Control Framework.

Qualification and Experience

 Essential

• 5+ years’ experience in IT security, specialising in incident investigation & threat hunting using various tools and techniques.
• Ability to run an investigation from start to finish, including pivoting between data types and correlating events.
• Experience with malware analysis, vulnerability exploitation, network exploitation, network attacks, network traffic analysis and social engineering.
• Experience in using a variety of tools, e.g. EDR, PassiveTotal, Wireshark, Joe Sandbox.
• Familiarity and understanding of basic SQL and KQL queries.
• Proven knowledge of security fundamentals across Microsoft platforms (client, server and cloud).
• Strong knowledge of networking principles and standard protocols.
• Strong knowledge of Windows and Linux.
•  At least one of the following technical security accreditations: CISSP, CEH, OSCP, GIAC.

Advantageous

•  Previous Security Operations Centre experience.
•  Use of forensic analysis tools, e.g. Autopsy, Caine, SIFT.

Job Responsibilities

• Oversee all security incident investigations to ensure that incidents are thoroughly & timeously investigated.
• Facilitate and/or oversee the implementation of countermeasures to mitigate any identified deficiencies.
• Deployment or assist with deployment of technical solutions for detecting & preventing potential threats.
• Ensure all relevant hosts & sources are monitored across the environment, including cloud and on premise.
• Ensure that all new critical security log sources are ingested into the relevant SIEM.
•  Ensure adequate activity log retention on all critical systems, apps & infrastructure appliances for investigation purposes in the event of a breach.
•  Identify important elements of threats (behaviours, tools, targeting, etc.) and use this knowledge to build detections.
•  Fine tune existing IoCs to reduce false positives.
• Mature the company’s Cyber Incident response plan & processes.
• Take ownership of incident response playbooks.

Competencies

The successful individual would need to demonstrate the below listed competencies at an advanced level:

•  Analytical & detail-oriented
• Very strong interpersonal skills and the ability to build relationships
• Critical thinking & problem-solving with strong decision-making mind-set
• Takes initiative and works under own direction
• Upholds ethics and values and demonstrates high levels of integrity
• Methodically plans and organises tasks and projects
• Demonstrate a high level of attention to detail
• Adapts and responds positively to change
• The ability to multitask and handle stress