Cyber Security Consultant

Key Responsibilities

• Own and be accountable for security incidents; taking the lead in driving global remediation activities
• Ensure simple, repeatable, manual tasks are automated within the Incident Response process
• Ensure a best-practice program is in place to manage and maintain our security response procedures
• Proactively develop and deliver new incident response capabilities, tooling and processes.
• Develop an incident management strategy, focussing on regular reviews and exercises.
• Create and deliver table-top and simulated exercises focussing on areas of risk identified by our Threat Intelligence team.
• Ensure the operational security process is consistently maintained across our global regions, taking into account different regulatory requirements and rules.
• Acting as the point of contact for our global business incident management team for all security related incidents.
• Run Post Incident Reviews and track and manage outcomes to delivery.

Experience and Skills Required

• Experience and strong understanding of frontline security operations
• Experience running a vulnerability remediation programme or overseeing vulnerability teams would be advantageous
• Experience running complex security incidents at a global scale
• Experience creating or continually improving an incident management program
• Strong reporting ability, with an understanding on how to tailor reports to show improvements and learnings
• In depth understanding of modern attack techniques and flows
• Clear and demonstratable understanding of NIST and MITRE Att&ck Methodologies
• Experience in cloud environments (Ideally Azure)
• Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning this into improvements.
• Banking or Finance industry related experience desirable
• Security Incident Management Qualifications preferred
• Security Incident related qualifications (e.g SANS 504)
• At least 3 years of experience working in an Incident Response position.
• Experienced responding to global complex security events
• Experienced using NIST or MITRE frameworks to deploy defensive plans and/or actions
• Experience explaining the risk of security threats and creating mitigations.
• Experience of general IT infrastructure technologies and principles.
• Experience of using vulnerability management tooling e.g Nexpose, Qualys etc.
• Understanding of the underlying protocols including: HTTP, HTTPS, SMTP, SQL.
• Understanding of Networking Architecture (OSI Model).
• Analytical skills
• Challenge the current processes
• Passion for the cybersecurity field
• Time management
• Able to organize others
• Nice to Have Certifications - Security+, Network+, GCIA, GCIH, GCFA, GMON, GNFA, SSCP, OSCP