National Grid
We are one of the world’s largest investor-owned energy companies, committed to delivering electricity and gas safely, reliably and efficiently to the customers and communities we serve.
At National Grid, we keep people connected and society moving. But it’s so much more than that. National Grid supplies us with the environment to make it happen. As we generate momentum in the energy transition for all, we don’t plan on leaving any of our customers in the dark. So, join us as a UK CSIRT Analyst, and find your superpower.
As part of the National Grid Cyber Security Incident Response Team (CSIRT), you will be employed within a global team as a Tier 1 CSIRT analyst within its Cyber Security Operations Centre (CSOC). We respond as one global team, US & UK, comprising of analysts, senior analysts, principal analysts, & managers. This affords you a team you can query, learn, and rely upon. The UK CSIRT Shift Analyst will deliver the actions and activities as required and detailed in Cyber Incident Response plans. Using technical expertise and co-ordination capabilities, they will work at times independently to respond to incidents and issues.
This role is based in Warwick and will be a shift role, of which the shifts range from 6 am – 9 pm, with compensated shift allowance, and home work available.
Key Accountabilities
1. As CSIRT Analyst you will monitor, respond to, and investigate cyber security incidents, ensuring that the full end to end investigation of events are fully triaged.
2. We respond as one global team, US & UK, comprising of Vulnerability Management, Digital Forensics, SOAR team, Operational Threat & Analytics, and Incident Management.
3. Additionally, we respond using automated workflows built within the Phantom case management system, and Global Incident and Response procedures.
4. Respond to security events within the estate, including:
* Microsoft Azure Cloud
* Splunk SIEM
* Enterprise and OT Intrusion Detection/Prevention Systems (IDS/IPS)
* Phishing Emails
* Tanium Endpoint Detection & Response (EDR)
* In-house curated alerts aligning to our security tooling and technology within Enterprise, OT and CNI.
* Event log analysis.
* Packet capture analysis.
About You
We are open minded when it comes to hiring. If you are intellectually curious, a critical thinker, enjoy solving problems and possess the aptitude and attitude to learn, we would like to hear from you!
Desirable experience would include:
* Ability to investigate a person's behaviour and illustrate anomalous behaviour observed.
* Experience in packet capture analysis, EDR, IDS/IPS, SIEM and AV.
* Knowledge of Windows/Linux/Mac Host internals.
* Knowledge of Cloud, Azure, KQL, Scripting, Microsoft Defender.
* Knowledge of network protocols and windows enterprise domains.
* Knowledge of MITRE ATT&CK tactics and techniques.
* Knowledge of Splunk.
* Knowledge of OT and CNI working environments.
* Knowledge of Kubernetes or associated Cloud Native Computing.
* You will need to qualify for Security clearance.
Qualifications
* At least one of the following certifications or equivalent experience: - GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), GIAC Cyber Threat Intelligence (GCTI), GIAC Certified Incident Handler (GCIH), GIAC Network Forensic Analyst (GNFA), GIAC Response and Industrial Defence (GRID), GIAC Certified Intrusion Analyst (GCIA), GIAC Penetration Tester (GPEN) or equivalent.
* Related IT/Cyber certification from ISC2, CompTIA, or other bodies.
What You'll Get
A competitive salary between £46,000 – £55,000 – dependent on capability.
As well as your base salary, you will receive a bonus based on personal and company performance and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%. You will also have access to a number of flexible benefits such as a share incentive plan, salary sacrifice car and technology schemes, support via employee assistance lines and matched charity giving to name a few.
At National Grid, we work towards the highest standards in everything we do, including how we support, value and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation, and welcome and encourage applicants with diverse experiences and backgrounds, and offer flexible and tailored support, at home and in the office.
Our goal is to drive, develop and operate our business in a way that results in a more inclusive culture. All employment is decided on the basis of qualifications, the innovation from diverse teams & perspectives and business need. We are committed to building a workforce so we can represent the communities we serve and have a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential.
#J-18808-Ljbffr