Remote with some travel required to London and Gloucester, United Kingdom
Cyber Analyst
Duration: ASAP until September
Clearance: Must have active SC clearance (ideally DV but not essential)
Location: Remote with some travel required to London and Gloucester
I'm heading up a project on behalf of a global IT consultancy that requires a security-cleared Cyber Analyst to join their team on a major government project.
Essential:
- Previous experience performing triage and 1st/2nd line analysis and SANS or similar incident response stages
- Basic knowledge of cloud platforms and services, esp. AWS and Azure
- Windows threat hunting, predominantly via host data analysis
- Knowledge of attacker TTPs and the MITRE ATT&CK model
- Basic forensic awareness, plus data capture/snapshot techniques for on-prem and public cloud infrastructure
- Some experience with Splunk SIEM
- KQL skills (or strong SQL skills and familiarity with KQL)
Highly desirable:
- Linux analysis/threat hunting
- NIDS and network-based analysis/threat hunting (e.g. Zeek/Bro and PCAP analysis)
- Previous experience with Splunk SIEM, Enterprise Security App, creating and modifying correlation searches
- Experience analysing AWS and Azure native log formats and associated analysis (VPC Flow Logs, CloudTrail etc.)
- Experience with the MS Azure suite of security tools: Azure Sentinel, Azure Security Centre, Microsoft Defender ATP
Desirable:
- Basic knowledge of iOS malware/attacks, mobile forensics experience
- Familiarity with the Resilient SOAR platform