Cyber Security Specialist

Job Responsibilities

• Monitor alerts across the security stack and provide an advanced detection and response service through review and analysis of security events.
• Perform incident response and basic malware analysis to investigate incidents.
• Guide staff from incident response triage into the full incident response process when findings are substantiated.
• Work with senior security engineers and analysts to fine-tune security systems and remove false positive alarms.
• Maintain current knowledge of forensic and incident response tools and best practices, and develop an understanding of advanced persistent threats, including the tools, techniques, and procedures of attackers.
• Lead the security vulnerability management program, recommending best practices and solutions to address vulnerabilities and secure hosts, applications, databases, and network technologies.
• Strengthen security operations monitoring by extracting data from threat intelligence and developing an understanding of adversary TTPs.
• Monitor the performance of security solutions to identify and escalate breaches and potential intrusion incidents.
• Monitor security logs and alerts from various sources, including intrusion detection systems, Endpoint Detection and Response (EDR) systems, and security information and event management (SIEM) tools.
• Investigate and analyse security incidents, identify root causes, and develop appropriate mitigation strategies.
• Execute security response actions, including full remote remediation of endpoints.
• Perform threat hunting and proactive analysis to identify potential security risks and vulnerabilities.
• Implement security frameworks, including CIS Benchmarks and the ASD Essential Eight, on systems.
• Handle cyber security incidents in conjunction with the existing service providers from detection through to completion, including maintaining incident response documentation, performing post-mortem root cause analysis, writing incident reports, and providing lessons learnt and required enhancements.

TECHNICAL PROFICIENCY:

One of the following certifications: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CCISO (Certified Chief Information Security Officer). Technical understanding of digital forensics and incident response in accordance with NIST standards. Experience working on and designing solutions that meet compliance standards for NIST, ISO, CMMC, PCI, and DOD regulatory controls. Advanced proficiency with Microsoft Office products, including Word, Outlook, PowerPoint, and Excel.