Desired Skills and Experience

  • Continual improvement of our threat hunting capabilities & tooling.
  • Work with our Red Team to develop detection against their activities.
  • Training and knowledge transfer to peers, the Security Operations Centre and the wider IT team.
  • Open-source tools and papers.
  • Act as a security subject matter expert to support development and operations teams and activities.
  • Design and develop automation to ensure platform, services, and machine security.
  • Develop security monitoring and detection systems. Investigate anomalous events across our service infrastructure and coordinate response with DevOps teams.
  • Articulate complex technical security issues into business focused terms and communicate to stakeholders.
  • Have and maintain (via conferences, etc.) a great knowledge of infosec industry trends and developments, and advise on changes to the threat landscape.
  • Identify, propose and initiate improvements to the organisation’s security posture.
  • Investigation & root cause analysis of security events & incidents escalated from our security operation centre.
  • Occasionally required to be available out-of-hours.
  • Some global travel may be required.
  • Development experience (Python).
  • Experience with secure development.
  • Cross-platform knowledge of Enterprise IT infrastructure (Networking, Operating Systems, Databases, etc).
  • Strong interpersonal skills.
  • Experience with cloud security architectures, particularly AWS and the related tooling.
  • Deep knowledge of Operating system internals across Linux & Windows.
  • Experience with SIEM solutions (Splunk, Kibana, Logstash, Sumo Logic or similar).
  • Deep understanding of SDLC and DevOps.
  • Understanding of TCP/IP and packet captures.
  • Experience working in a global environment.
  • Contributions to open-source security projects and/or publications.
  • Knowledge of Sophos products.
  • Hands on experience of network, memory and host forensics.
  • Hands-on experience investigating and responding to compromises by advanced attackers.
  • Educated to bachelor degree level or relevant experience.
  • Security-related professional certification (CREST CRIA/CCNIA/CCMRE/CCHIA, SANS GIAC, GCIH, GPEN, GCFA).