Job Title: Senior Threat Detection Analyst
Location: Preston, Frimley, or Filton. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role.
Salary: Circa £53,000 depending on experience and skills
What you'll be doing:
* Triage, analyse and investigate alerts, log data and network traffic using the monitoring platforms and Internet resources to identify cyber-attacks / security incidents
* Threat hunting across adversary behaviours for those threats not easily detected by existing use cases
* Act as a mentor and as an escalation point within the team for technical queries
* Ensure timely and accurate communication of incidents to IT, network or security teams across BAE Systems
* Escalate suspected major security incidents / investigations where support is required
* Define monitoring use cases and develop prototype rules with minimal supervision, in response to intelligence or gaps in defences
* Build, test and deploy new detection capabilities across the environment
* Contribute to the development of the services through people, process, and technology where appropriate
* Build a comprehensive knowledge of BAE Systems IT systems to support monitoring activities and tailor remediation recommendations to systems
* Contribute to and help define requirements for future security capabilities along with the Analyst
Your skills and experiences:
Essential:
* Broad and detailed experience of technologies including but not limited to firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, Linux, TCP/IP, Networks, Cloud, CDN's and Vulnerability Management
* Technical background with a detailed knowledge of cyber security, computer networks and operating systems
* Analytical background and comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations
* Knowledge and experience of using tools to dissect common threats to produce usable IOCs, for example: Malicious document analysis
* Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these
* Relevant Vendor and GIAC Qualifications or equivalent industry experience
* Previous Security Operations, investigative or other relevant experience
Desirable:
* Background of prior experience of working in an information and/or cyber security environment (Government or commercial sector)
* Previous experience using Splunk or other SIEM platforms
* Development experience or scripting languages
* Relevant security certifications such as CISSP, SSCP, CEH, GCIH or GCIA
Benefits:
You'll receive benefits including a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. You'll also have access to additional benefits such as flexible working, an employee assistance programme, Cycle2work and employee discounts - you may also be eligible for an annual incentive.
The Cyber Operations team:
Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability. All roles in Cyber Operations are supported by Immersive Labs and other training as part of our Cyber Academy.
Why BAE Systems?
This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals.
We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.
Please be aware that many roles working for BAE Systems will be subject to both security and export control restrictions. These restrictions mean that factors including your nationality, any previous nationalities you have held, and your place of birth may limit those roles you can perform for the organisation.
Closing Date: 22nd August 2024
We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.
#J-18808-Ljbffr