Whitehall Resources are looking for an experienced Cyber Security Analyst for an initial 4-month contract.
This role will be remote with occasional travel to client sites.
Due to the nature of the work, SC Clearance is required.
Essential Skills/Experience:
- Previous experience performing triage and 1st/2nd line analysis and SANS or similar incident response stages
- Basic knowledge of cloud platforms and services, esp. AWS and Azure
- Windows threat hunting, predominantly via host data analysis
- Knowledge of attacker TTPs and the MITRE ATT&CK model
- Basic forensic awareness, plus data capture/snapshot techniques for on-prem and public cloud infrastructure
- Some experience with Splunk SIEM
- KQL skills (or strong SQL skills and familiarity with KQL)

Desirable Skills/Experience:
- Linux analysis/threat hunting
- NIDS and network-based analysis/threat hunting (e.g. Zeek/Bro and PCAP analysis)
- Previous experience with Splunk SIEM, Enterprise Security App, creating and modifying correlation searches
- Experience analysing AWS and Azure native log formats and associated analysis (VPC Flow Logs, CloudTrail etc.)
- Experience in the MS Azure suite of security tools: Azure Sentinel, Azure Security Centre, Microsoft Defender ATP
- Basic knowledge of iOS malware/attacks, mobile forensics experience
- Familiarity with Resilient SOAR platform
All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description.