Desired Skills and Experience
- Contribute towards the continual-improvement of our threat hunting capabilities & tooling.
- Investigation & root cause analysis of security events & incidents escalated from our security operation centre.
- Training and knowledge transfer to peers, the Security Operations Centre and the wider IT team.
- Open-source tools and papers.
- Staff education and awareness.
- Act as a security subject matter expert to support development and operations teams and activities.
- Design and develop automation to ensure platform, services, and machine security.
- Develop security monitoring and detection systems. Investigate anomalous events across our service infrastructure and coordinate response with DevOps teams.
- Recommend and help implement improved threat response capabilities in the DevOps platform.
- Assist with code review for deployment automation as well as actual product capabilities.
- Coordinate testing activities, including traditional penetration testing as well as developing automated security QA testing.
- Articulate complex technical security issues into business focused terms and communicate to stakeholders.
- Have and maintain (via conferences, etc) a great knowledge of infosec industry trends and developments and advise on changes to the threat landscape.
- Identify, propose and initiate improvements to the organisation's security posture.
- Development experience: Python, PHP and C.
- Experience with secure development.
- Experience with SIEM solutions: Splunk, Kibana, Logstash, Sumo Logic or similar.
- Cross-platform knowledge of Enterprise IT infrastructure (Networking, Operating Systems, Databases, etc).
- Strong interpersonal skills.
- Experience with cloud security architectures, particularly AWS and the related tooling.
- Deep knowledge of operating system internals across Linux & Windows.
- Deep understanding of SDLC and DevOps.
- Understanding of TCP/IP and packet captures.
- Experience working in a global environment.
- Contributions to open-source security projects and/or publications.
- Knowledge of Sophos products.
- Hands on experience of network, memory and host forensics.
- Hands-on experience investigating & responding to compromises by advanced attackers.