About The Role
FDM is a global business and technology consultancy seeking a Cyber Security Analyst to work for our client within the public sector. This is initially a 6-month contract with the potential to extend.
You will be at the forefront of safeguarding our client’s digital assets and data. With a deep understanding of the complexities of cyber security, you will be a key member of the cyber team, developing junior staff and working with the team to monitor the ever-evolving threat landscape.
The role is critical in monitoring, detecting, analysing and responding to security incidents and threats with precision. Your expertise in security technologies and incident response procedures will be pivotal in protecting critical systems and data.
Leveraging Azure cyber security tooling, especially Azure Sentinel, you will ensure vigilant incident and event monitoring. Managing a dedicated team of cyber analysts, you will collaborate closely with the Security Architects and the Threat Intelligence team to maintain and enhance the security posture.
Responsibilities
* Lead and participate in complex incident investigations, using advanced techniques to identify the root cause, scope and impact of security incidents.
* Analyse and interpret security data from multiple sources, including logs, network traffic and endpoint telemetry, to identify emerging threats and attack patterns.
* Proactively hunt for advanced threats and vulnerabilities within the environment using threat intelligence sources and security tools.
* Configure, manage, and fine-tune Microsoft Azure Sentinel.
* Design and implement custom log queries and alerts within Azure Sentinel to enhance threat detection and incident response capabilities.
* Communicate effectively with external vendors and with technical and non-technical stakeholders, translating complex technical concepts into understandable terms.
* Contribute to the development and enhancement of SOC processes, workflows and procedures to improve the efficiency and effectiveness of incident response.
About You
Requirements
* 2 years of cyber security experience.
* Track record of leading on cyber incidents and working within a team to remediate threats to the department, with the ability to support junior members of the team.
* Effective verbal and written communication skills, including the ability to lead meetings with external vendors and with technical and non-technical stakeholders, translating complex technical concepts into understandable terms.
* Experience using a Security Information and Event Management (SIEM) platform and security tooling in a Security Operations Centre (SOC), with demonstrable improvements to processes, workflows and incident response that delivered greater efficiency and effectiveness.
* Demonstrable experience using a query language to work with large data sets, preferably Kusto Query Language (KQL).
* Experience working with cloud platforms (AWS, Azure).
* Relevant security certifications.
* Experience documenting incidents, investigations and findings in line with incident response procedures.