Salary: £550 a day

Job content

What’s involved with this role:
Interim Cyber Defence Technical & Content Author - PSR 1JP00041957

Pay Rate: Up to £550 per day (pay range subject to IR35 status)

Key Accountabilities:
  • Uses data collected from a variety of Cyber defence toolsets to analyse events that occur within the network environment for the purposes of mitigating threats.
  • Develop content/use cases/playbooks for Security Information and Event Management (SIEM) solutions and provide SME assistance in the construction of signatures/rule correlations to be implemented in response to new or observed threats within the network/enterprise
  • Use Authority’s environment for continual monitoring and analysis of on-boarded ICS/networks to identify malicious activities
  • Progress the ability to write custom lists, queries and rules within the Authority’s environment
  • Coordinate and conduct event collection, log management, event management, compliance automation and identify monitoring activities
  • Assist the Authority’s environment engineer team in identifying how logs should be parsed
  • Mentor and support the existing Junior Analysts to triage alerts independently and support their role development within the Authority’s environment
  • Produce the Authority’s environment related supporting documentation detailing governance, procedures and processes for junior Analysts and linking to the engineering documentation
  • Develop innovative and cutting-edge detection content, utilising the MITRE ATT&CK and Cyber Kill Chain frameworks and liaising with the Authority’s environment TI to assist the Authority in understanding their adversaries’ TTPs and in prioritising and testing their defence in order to mature their Security Posture
  • Analyse network alerts received by the Authority’s environment and determine possible causes of such alerts
  • Analyse identified malicious activity to determine network weaknesses being exploited, the exploitation methods and effects on the system and information
  • Characterise and analyse network traffic in-depth to identify anomalous activity and potential threats to networks
  • Provide timely detection, identification and alerting of possible attacks/intrusions, anomalous activities and misuse activities and distinguish these incidents and events from benign activities
  • Coordinate with Authority’s environment’s staff to validate network alerts
  • Document and escalate incidents that may cause ongoing and immediate impact to the environment
  • Perform cyber defence trend analysis and reporting
  • Work with ambition to support the Authority with the maturation of the Authority’s environment, demonstrating a desire to broaden your own skills and knowledge and, in turn, passing this knowledge on.
Key Requirements:
  • Previous experience of Enterprise ICS/network architectures and technologies
  • Experience and knowledge of SIEM solutions; having the ability to identify use cases and their creation, their deployment and tuning.
  • Experience as a mentor/coach to junior Analysts
  • Experience of writing automated test scripts or feature verification tests.
  • Broad IT and Network Security Experience and its application
  • Previous experience of utilising the MITRE ATT&CK and Cyber Kill Chain frameworks
  • Skilled in performing packet-level analysis to identify potential malicious activities
  • Knowledge of key security frameworks e.g. ISO, NIST
  • Excellent communication skills
  • Experience of writing cyber defence documentation
Desirable Qualifications:
  • Broad Spectrum Cyber Course (SANS SEC401 or SEC501 or equivalent)
  • SIEM Design, Architecture and Analyst Course (SANS SEC455 or SEC555 or equivalent)
  • Advanced Analyst Course (SANS SEC503 or equivalent)

Please quote the Job Title & Vacancy Reference No. in your application, or we will be unable to match your CV to the role being applied for.

“Essential Requirements” – Please check to ensure that your CV addresses the following items:
  • Our clients are generally seeking applicants who are reasonably local, not that they would exclude candidates willing to travel/relocate, so on that basis we would ideally like you to supply us with your address (or at least your post code) and a telephone number so that we can reach you during working hours
  • Your recent UK working experience going back at least 5 years, or full employment history if you have been working for fewer years than this.
  • Your availability to work either immediately, or at short notice.
  • Qualifications and experience relevant to the job role – please give full details within your CV document
  • Security Clearance Required
Other preferable/desirable details to include on your CV, if applicable:
  • Any local authority/public sector experience
  • Any relevant qualifications held or being studied for
If you would prefer to send a CV straight to us rather than by way of an on-line application, you are very welcome to do so via jobs@tclrec.com but please quote both the job reference and job title exactly as they appear below:

Job Ref: PSR 1JP00041957

Anticipated Length of Assignment: Unless otherwise stated (we do carry the occasional permanent vacancy) all of our roles are technically temporary, though opening assignments can be and often are, extended by clients on a longer term basis and can sometimes become permanent. Please do try to resist contacting us with requests for progress updates. We really do read every CV sent to us. All applications will be acknowledged by a human, not a robot, provided the job remains live and provided your CV meets the “Essential Requirements” listed. Please note that we do our level best to take down ads as soon as roles have been filled. We are not in the business of harvesting CVs. Important: We will interpret your application as being permission to submit your CV to this role (with the right to represent you) unless you advise us to the contrary.

Deadline: 26-07-2024
