Lead External Attack Analyst
Based in Preston/Frimley (Hybrid)
£60,000 - £70,000 per annum + 10% bonus
Must be eligible for SC Clearance
What you'll be doing:
1. Maintains the Global Attack Surface Management service to ensure perimeter assets are known and tested, and Shadow-IT assets are discovered and brought into governance.
2. Assists with complex purple team operations by providing subject matter expertise on the available attack surface and known weaknesses.
3. Ensures external attack surface assessments, highlights perimeter risks, and ensures resolution is being conducted in line with documented processes.
4. Identifies security weaknesses and misconfigurations, ensuring they are raised with the appropriate resolver groups.
5. Checks and protects through monitoring the global external attack surface and performs continual testing of security controls.
6. Leads on policy implementation, high standards, and best practices within Attack Surface Management and Active Defence.
7. Is responsible for specific work areas and provides mentorship and expertise to others in the team.
8. Supports the Active Defence Manager when required, particularly on forecasting future team operations.
9. Acts as a subject matter expert (SME) on emerging threats.
Your skills and experiences:
Essential:
1. Broad and detailed experience of technologies including but not limited to VPN appliances, Firewalls, Attack Surface Management, IDS/IPS, Endpoint Protection, Microsoft Operating Systems, Linux, TCP/IP, Networking, Cloud, CDN's, Web Server's, Open-Source tooling, and Vulnerability Management.
2. A good technical background with a detailed knowledge of cyber security, computer networks, and operating systems.
3. Analytical background and is comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations.
4. Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks, and how we can investigate and mitigate these.
5. Experience in the interpretation of threat intelligence and working on complex issues with little need for supervision or support.
6. Knowledge and demonstrable experience of the MITRE ATT&CK framework.
#J-18808-Ljbffr