Job Purpose

This role will operate within the Threat Analysis and Response structure within the Security Operations Centre.

The Lead Analyst is the technical lead on information security investigations affecting the Group, and will be the point of escalation for potential incidents. The Lead Analyst will be responsible for processing alerts from various detection platforms and ensuring that consistent, risk-appropriate response processes are executed. The Lead Analyst will also provide thought leadership in the structure and ensure that continuous improvements are implemented in the SOC, in terms of process consistency and efficiency.

The role will also include a focus on "Threat Hunting" and the formulation of detection use cases: proactively hypothesising and executing hunts to detect cyber threats that evade traditional security controls and may already exist within the environment. This will include research based on various inputs such as threat actor TTPs, incidents, assessments and industry reports, resulting in the development of hunt sprints across different log sources.

The Lead Analyst will also be expected, when required, to be the incident lead during cyber incidents and to coordinate the response efforts in accordance with the incident response methodology.
Responsibilities + Skills
Basic Windows/UNIX digital forensics knowledge required
Good understanding of Windows/UNIX operating systems
Good understanding of Active Directory