Desired Skills and Experience
- Continual improvement of our threat hunting capabilities & tooling.
- Work with our Red Team to develop detection against their activities.
- Training and knowledge transfer to peers, the Security Operations Centre and the wider IT team.
- Open-source tools and papers.
- Act as a security subject matter expert to support development and operations teams and activities.
- Design and develop automation to ensure platform, services, and machine security.
- Develop security monitoring and detection systems. Investigate anomalous events across our service infrastructure and coordinate response with DevOps teams.
- Articulate complex technical security issues into business focused terms and communicate to stakeholders.
- Have and maintain (via conferences, etc.) a great knowledge of infosec industry trends and developments, and advise on changes to the threat landscape.
- Identify, propose and initiate improvements to the organisation’s security posture.
- Investigation & root cause analysis of security events & incidents escalated from our security operation centre.
- Occasionally required to be available out-of-hours.
- Some global travel may be required.
- Development experience (Python).
- Experience with secure development.
- Cross-platform knowledge of Enterprise IT infrastructure (Networking, Operating Systems, Databases, etc).
- Strong interpersonal skills.
- Experience with cloud security architectures, particularly AWS and the related tooling.
- Deep knowledge of Operating system internals across Linux & Windows.
- Experience with SIEM solutions - Splunk, Kibana, Logstash, Sumo Logic or similar.
- Deep understanding of SDLC and DevOps.
- Understanding of TCP/IP and packet captures.
- Experience working in a global environment.
- Contributions to open-source security projects and/or publications.
- Knowledge of Sophos products.
- Hands on experience of network, memory and host forensics.
- Hands-on experience investigating & responding to compromises by advanced attackers.
- Educated to bachelor degree level or relevant experience.
- Security-related professional certification (CREST CRIA/CCNIA/CCMRE/CCHIA, SANS GIAC, GCIH, GPEN, GCFA).