Lead External Attack Analyst
Based in Preston/Frimley (Hybrid)
£60,000 - £70,000 per annum + 10% bonus
Must be eligible for SC Clearance
What you'll be doing:
* Maintains the Global Attack Surface Management service to ensure perimeter assets are known and tested, and Shadow-IT assets are discovered and brought into governance
* Assists with complex purple team operations by providing subject matter expertise on the available attack surface and known weaknesses
* Ensures external attack surface assessments highlight perimeter risks, and that resolution is conducted in line with the documented process
* Identifying security weaknesses and misconfigurations, ensuring they are raised with the appropriate resolver groups
* Checking and protecting the global external attack surface through monitoring, and performing continual testing of security controls
* Leading on policy implementation, high standards and best practices within Attack Surface Management and Active Defence
* Is responsible for specific work areas and provides mentorship and expertise to others in the team
* Supports the Active Defence Manager when required, particularly on forecasting future team operations
* Is a subject matter expert (SME) on emerging threats
Your skills and experiences:
Essential:
* Broad and detailed experience of technologies including but not limited to VPN appliances, Firewalls, Attack Surface Management, IDS/IPS, Endpoint Protection, Microsoft Operating Systems, Linux, TCP/IP, Networking, Cloud, CDNs, Web Servers, Open-Source tooling, and Vulnerability Management
* A good technical background with a detailed knowledge of cyber security, computer networks and operating systems
* An analytical background, comfortable analysing and interpreting large and complex data sets, articulating the story behind any observations, and providing conclusions and recommendations
* Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these
* Is experienced in interpretation of threat intelligence and will work on complex issues with little need for supervision or support
* Knowledge and demonstrable experience of the MITRE ATT&CK framework