Attack Monitoring Analyst - Finance - London
Tech Skills: CEH, CISM, CISSP, Threat analysis, incident management / escalation, Linux, Networks, Malware.
Be the backbone for security operations, delivering expertise 24x7x365 around security event monitoring, detection, analysis & escalation. One of the key team responsibilities is to support the operations centre which provides incidents on a global scale.
- Identification of electronic attacks from internal and external sources globally
- Triaging of detected attacks and event escalation to the appropriate business area
- Acting as 1st line point of contact for detected security incidents
- Apply decision-making logic and adequately react to security events affecting the business areas of the group
- Provide command, control and reporting support to JOC for all security incidents
- Analyse intelligence information to ensure enhanced detection as well as improvement of function capability
- Maintain relationships with business units as well as the wider CSO organization to identify areas of improvement.
- Support enhancement, improvement and delivery of monitoring and response methods and processes to reduce risk
- Shift work to ensure 24x7x365 coverage
- Identify attacks and malware on the systems, data or networks.
- Respond to global security events affecting the organisation's networks & provide guidance to identify attackers
- Track and report related security incidents
- Analysis of and response to detected security incidents, ensuring a timely escalation
- Knowledge of post-incident response techniques
- Excellent understanding of technologies such as: Threat, Malware Analysis, Vulnerability Assessment, Security Monitoring.
- An understanding of the security mechanisms associated with Windows or Unix operating systems, networks and applications
- Broad understanding of security techniques and technologies including Intrusion Detection, Sandbox, Proxy & URL filtering
- Experience responding to information security incidents
- Familiar with current malware trends and solutions
- Exposure to Host and Network Intrusion Detection systems and knowledge of log analysis tools and techniques
- CEH, CISM, SANS (GSEC, GCIA, GCED, GCIH), CISSP, etc.
If you feel this role is of interest to yourself or matches some of the skillset you have developed over your career, please do not hesitate to get in touch with myself on 0203 189 4350 or email me on Alternatively, if you are interested in other opportunities please do give me a call to see if there is anything we can do here at Twenty.