Cyber Security Incident Response Specialist
5 days ago

The overview :

An excellent opportunity is now open for a Cyber Security Incident Report Specialist who will be responsible for cybercrime investigations for Centrica.

This includes internal investigations, e-Discovery, network forensics, cyber breach investigations including complex and sensitive inquiries.

There will also, on occasion, be the need to write reports / witness statements and give evidence in court or at other tribunals.

The role :

As a Cyber Security Incident Report Specialist, you will be assisting the Security Operations Manager in the management of all aspects of Security Operations, including :

  • Providing eDiscovery services, Forensic analysis, and Incident Response investigations.
  • Building and managing eDiscovery, forensic and incident infrastructure and tools within a large enterprise environment.
  • Providing information security management, and information security breach investigation and computer forensics.
  • Leading and managing sensitive cyber forensic investigations.
  • Supporting and participating in weekly security operations calls.
  • Reporting progress and escalating in a timely manner to the Security Operations Manager.
  • Maintaining dashboards for management reporting and producing input to team updates.
  • Performing security reviews across information systems and key infrastructure (e.g., firewalls, privilege access groups, databases).
  • Supporting third party security services benchmark reporting against Centrica’s policies and ensuring contractual requirements are met.
  • Tracking the remediation of vulnerabilities reported by static and dynamic scanning tools through to remediation or risk acceptance.
  • Analyzing security reports to identify trends and drive secure behaviors throughout the business.
  • Managing operational and regulatory issues, and escalating as appropriate.
  • Creating and maintaining documentation as it relates to security designs / configurations, processes, and requirements.
  • Managing alerts and highlighting events requiring further investigation.
  • Maintaining an awareness of security policies and government regulations pertaining to information security.

The person :

    Your background includes experience in :

  • Security Operations environment and Cyber Security Incident Response team.
  • SIEM, SEM, and Log monitoring and analytics.
  • IT helpdesk or in IT operations.
  • Scripting / programming (PERL, shell scripting, C, use of Regular Expressions).
  • Operating systems (e.g., Android, iOS, Linux, Windows, MVS, VMWare), hardware and software platforms; and protocols as they relate to information technology.
  • Analyzing network attacks.
  • Information risk and security-related best practices, policies, standards, and regulations - including areas such as International Organization for Standardization (ISO) 27001, Information Security Form (ISF), Payment Card Industry (PCI) Data Security Standard, and data privacy.
  • Emerging risk and threat landscape in the power utilities, retail energy, or oil and gas industries.
    You will also possess the following skills :

  • Ability to work under pressure and cope with competing demands.
  • Knowledge of general IT infrastructure and protocols.
  • Knowledge of Unix / Linux / Windows Administration and Logging.
  • Bachelor’s degree preferred (but not essential) in area(s) of study such as information technology, computer science, information systems, or a related field; or a high school diploma with relevant work experience.

  • Understanding of possible attack activities (e.g., network probing / scanning, Denial-of-Service attacks (DDoS), malicious code activity, etc.) would be advantageous.

  • General knowledge of Network Security appliances (IDS, Firewall, VPN management, configuration and tuning, Intrusion Prevention), would be advantageous.
  • General knowledge of Network and Application Protocols (IP, TCP, UDP, FTP, HTTP, DNS, routing, etc.), would be advantageous.
  • Knowledge of the following technologies would be advantageous : leading Security Information and Event Management (SIEM) technologies, IDS / IPS, network- and host-based firewalls, data leakage protection (DLP), web proxy filtering, email filtering.

    Ideally you will possess one of these qualifications : GIAC Certified Intrusion Analyst, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, Information Systems Examination Board (ISEB)
