Job ID: 41649
Location: LRQA Nettitude: Birmingham
Position Category: Risk Management
Position Type: Employee Regular
Founded in 2003, LRQA Nettitude is an award-winning global provider of cybersecurity services, bringing innovative thought leadership to the ever-evolving cybersecurity marketplace. Through our research and innovation, we provide threat-led services that span technical assurance, consulting, and managed detection and response offerings.
We are driven by a desire to build and deliver the best cybersecurity propositions in the industry and stay abreast of the evolving legislative and regulatory landscape. This helps our clients to prioritize their cybersecurity risks, enabling them to focus on the activities that are core to their business.
Working as a key member of our 24x7 SOC team, you will use your expertise to detect and respond to threats of varying capabilities and sophistication within agreed SLAs. You will use next-generation SIEM, EDR, network monitoring, in-house technology, and commercial threat intelligence to deliver continuous monitoring and triage suspicious events, providing an assessment of risk/threat to enable efficient response.
Not only will you assess threats using all information sources available to you, you’ll also be involved in projects that enhance our capability, ensuring we continue to build on our cutting-edge detection & response services, protecting our clients globally.
We don’t operate under the traditional SOC tiers, with no glass ceilings, and we prioritize development as part of our close-knit, high-trust team. So, the passion and drive to get involved, make a difference, and having an eye for detail is key to us providing a first-class service, supporting both our security mission and that of our clients.
Nettitude Managed Security Services have a flexible working policy and therefore we can support working from across the UK. There may be a requirement to attend our Birmingham office on occasion. All applicants will require residence in the UK.
What you’ll be doing in your role:
* Operate as part of the 24x7 SOC Monitor Team, providing proactive defensive monitoring to clients of all shapes, sizes, and industries.
* Utilise industry-leading security tools to investigate cyberattacks and be the first to detect and respond to real threats with diverse capability, sophistication, vectors, and objectives.
* Generate detailed, jargon-free Incident Reports of your findings, with actionable recommendations, mitigations, and investigative leads.
* Maintain regular verbal and written communications with stakeholders, representing Nettitude internally and externally as required.
* Create high-standard management and operational reports in a timely, concise, and actionable manner.
* Support the creation and maintenance of use-cases, detections, threat hunts, and playbooks using industry best-practice, detections frameworks, and emerging threat intelligence.
* Maintain an up-to-date global security awareness via a mixture of open, closed, and commercial sources, including defensive monitoring technologies, threats, and trends.
* Perform basic static and dynamic analysis as part of phishing email investigations.
* Take part in Threat Hunting across multiple toolsets to proactively identify tactics, techniques, and procedures commonly observed in advanced adversary operations; analysing and enriching data across clients' environments, documenting findings and providing feedback and recommendations.
Key Skills:
The following are the requirements for this role:
Technical:
* Good working knowledge of the Cyber Kill Chain and Mitre ATT&CK frameworks, specifically in understanding what stages an attack technique would be and how to interrupt it.
* Developed knowledge of attack vectors, TTPs, and the ability to differentiate between normal and abnormal activity using this knowledge, providing recommendations on countermeasures and remediations.
* Ability to analyse and transform complex datasets across multiple formats and draw sensible conclusions from your analysis.
* Strong understanding of Windows and Linux internals.
* Working knowledge of enterprise devices and the logs they provide.
* Strong understanding of languages such as Python, PowerShell, SQL, and KQL.
People:
* Strong communication and interpersonal skills in a customer-facing role.
* Demonstrable ability to work with a high degree of autonomy, on personal projects and within a collaborative team.
* Demonstrable dedication to continually grow and develop.
* Be a self-starter, able to initiate and develop concepts and ideas into solutions.
* Ability to attain Security Clearance (SC).
There are no formal requirements for any qualifications or certifications. We’re not looking for badge collectors; we look far deeper than that. However, one or more of the following may serve as a distinct advantage:
* SC-200: Microsoft Security Operations Analyst, AZ-500: Azure Security Engineer Associate, or MS-500: Security Administrator Associate.
* CREST CPIA, CRIA, CPTIA or above.
* CompTIA certifications (Security+, CySA+).
* Azure/AWS/GCP Administrator/Engineer, DevOps or Data.
* Defensive Security or similar industry-recognised certifications (E.g. GIAC, SBT) are also well received.
What we offer:
We are a people-focused, high-performing managed security services team. We pride ourselves on our investment in our people, meaning as we are a fast-evolving team in an exciting working environment, you’ll always have opportunities to solve the latest cybersecurity challenges, with the responsibility and development opportunities to match.
Diversity and Inclusion at LRQA:
We are on a mission to be the place where we all want to work and we are passionate about embracing different perspectives because we understand the value this brings to our business, our clients, and each other. We are all about creating a safer and more sustainable future and our inclusive culture is right at the heart of our business.
Together our employees make our communities better and we want you to be part of our diverse team!
LRQA is a leading global assurance provider. The integrity and expertise we bring to our partnership with clients support their journey to a safer, more secure, and more sustainable future.
#J-18808-Ljbffr