Key Words: Security Consulting, Information Security, Security Assessments, Penetration Testing, Red Teaming, PCI & Payment Security, Research, Compliance, Mobile Security, Incident Response, Scanning Services, Training, Threat Modelling, Cyber Security, Cyber Defence, Phishing Assessments, Network Security
Role: Network Intrusion Analyst
Industry: Security consulting
Function: Network investigation, Manage Incidents and Events, Countercept Detection
About Our Client
Our client focuses on delivering a comprehensive range of IT security services to blue chip and public sector clients. Their philosophy is to deliver high quality testing, consultancy services and unsurpassed levels of support to their client base.
They offer specialisation in areas such as Information Security, Penetration Testing, Red Teaming, PCI & Payment Security, Research, Security Assessments, Compliance, Mobile Security, Incident Response, Scanning Services, Training, Threat Modelling, Cyber Security, Cyber Defence, and Phishing Assessments.
About the Network Intrusion Analyst
- The team works in shifts, hunting through clients' networks looking for signs of compromise. They detect and contain everything from advanced, highly capable criminal groups to state-sponsored adversaries, and monitor an array of companies across multiple industry sectors with a global reach.
- No prior knowledge of attack detection is required for this role. Our client is looking for someone who is smart and passionate about security, with a solid understanding of computer networking principles and ideally some ability to code or script.
- Investigate network and host based security events
- Manage events from detection to resolution
- Liaise with clients and report potential findings from both a technical and business perspective
- Assist in developing Countercept’s detection and logging technology
- Assist in developing Countercept data analytics and intelligence
- Perform proactive hunting
- Perform basic malware analysis
- Excellent knowledge of networking and protocols like TCP/IP, HTTP/S, DNS, etc.
- Understanding of Windows and Linux
- Experience investigating compromise events and/or SOC experience
- Ability to differentiate between regular traffic and anomalies
- Experience with modern offensive techniques and APT TTPs
- Experience with traffic analysis platforms like Bro and Snort
- Experience with SIEM platforms and event filtering/parsing
- Experience with malware analysis
- Scripting experience with Python/Perl/Ruby/PowerShell
- Security certifications - GIAC/OSCP/CREST