Role: Incident Response Specialist
Locke & McCloud are looking for an Incident Response Specialist on behalf of an established global consultancy headquartered in London. This role is technical, hands-on and will involve remediating security alerts in a fast-paced environment.
Translates business objectives into security objectives by providing support in design/architecture for new security applications to improve the current security posture globally.
Contributes to, monitors and advises on the planned developments and changes in order to ensure relevancy, compliance and optimal delivery.
Recommends and implements initiatives, develops IR processes and procedures.
Contribute to the ongoing development of security operations “best practice” and support continuous improvement.
Manage the business continuity plan and information back-up procedures to ensure minimal disruption in the event of a cyber attack.
Implement security initiatives aimed at improving the existing infrastructure.
Review new security products and ascertain their suitability for the QBE environment.
Execute threat hunting activities using various proprietary and open source tools to identify current and emerging threats that pose a risk to the firm.
Perform advanced analysis on collection of cyber threats using high-level proactive and reactive threat hunting methods.
Actively communicate with staff and third parties to correctly identify and resolve problems and manage their expectations.
Document incidents, requests and problem management information to ensure required compliance standards/SLAs are achieved.
Use security tools and resources to correlate suspicious events, provide context around each event, determine root cause, provide regular updates and recommend modifications to existing systems and procedures.
Perform deep-dive incident analysis of various data sources by analysing and investigating security-related logs against medium-term threats and IOCs.
Actively manage and apply the phases of Incident Response (preparation, identification, containment, eradication, recovery and lessons learned).
Execute vulnerability and web application assessments; provide analysis and recommendations to mitigate potential threats.
Makes moderately autonomous operational decisions on threats to QBE’s systems, assets and business operations and provides recommendations for mitigating controls and/or remediation.
Advanced technical expertise in security solutions and technologies, including: Windows, Linux, Networking, Security Architecture experience and knowledge of packet flow/TCP/UDP traffic, Firewall and proxy technologies, cloud solutions, anti-virus, static and dynamic malware analysis techniques.
Working experience in leading security incidents at all levels related to incident response.
Working experience in managing 2nd/3rd level security events.
Ability to manage relationships with global security operations colleagues and other departments, including network teams and incident managers.
Demonstrated ability to make decisions on remediation and countermeasures.
Be able to communicate effectively and update senior stakeholders globally.