Incident Response Analyst

Marcus Donald are currently looking to source a Incident Response Analyst to join a popular Financial firm in the City of London.

This role is initially home based and will then be based in the City of London.

Are you experienced in Security Operations, with a passion for cyber incident management, detection and response, and looking for a new role in a growing team?

As an Incident Response Analyst, you will be a key part of our clients security operations team detecting and responding to cyber-events, incidents, and working with our global teams to keep the business safe and secure.

This role would suit someone with a background in Security Operations, IT Operations, or Incident Management, who has experience of taking ownership for incidents and applying their expertise to identify and prevent attacks against businesses in the UK.

Incident Response Analyst - Responsibilities:

• Lead incident response investigations through to closure
• Identify and respond to security events from security tooling and service providers
• Advise on forensic activities and chain of custody during incidents
• Work hand in glove with the Security Engineering team to aid them in implementing new technologies and tuning existing monitoring and alerting technologies
• Collaborate with the Threat Intelligent team to ensure we are assessing cyber-events in the context of known and emerging threats
• Establish and maintain relationships across the business and Group
• Work collaboratively with the wider Information Security team

Incident Response Analyst - Skills and Experience:

• In-depth knowledge, with demonstrable experience, of incident response management
• Technical understanding of cyber security incidents, attack vectors, kill chains, and how to manage a cyber-incident to resolution
• Hands on experience of forensics activities, such as image acquisition
• Expertise in cyber security tooling (SIEM, DLP, AV, Endpoint Detection, WAF, IDS/IPS etc.)
• Working knowledge of Information Security defence and intelligence frameworks (i.e. MITRE ATT&CK)
• Working knowledge of cloud environments, and cloud based security services / tools
• Experience of continually maturing key documentation and processes, such as playbooks and incident response processes
• Experience in nurturing and developing peers to up-skill a team and drive maturity of incident response and detection and response capabilities within an organisation
• Able to translate Information Security and IT risk language into business language
• Able to build and main relationships and influence key stakeholders across the business
• A creative and analytical mind with good customer interfacing and excellent communications skills

If this position is of interest, please do not hesitate to contact Bobby Corbyn for any questions that may need answering and/or further information regarding the company and role.