Cyber Defence Analyst

Job not on LinkedIn

November 11

Apply Now

Receive Emails with Similar Jobs

Experian

WebsiteLinkedInAll Job Openings

Artificial Intelligence • B2B • SaaS

Experian is a global leader in digital experience, technology, and transformation. They partner with recognized brands to enhance customer understanding, innovate product strategies, and implement agile technology solutions. With a focus on delivering superior customer experiences through AI, cloud architecture, and project management, Experian helps businesses streamline their operations and achieve their objectives effectively.

10001 employees

Founded 1996

🤖 Artificial Intelligence

🤝 B2B

☁️ SaaS

📋 Description

• Contribute to daily security operations by overseeing response activities for security events and alerts associated with cyber threats, intrusions, and compromises alongside a team of global security analysts following documented SLOs and processes. • Analyze events using security tooling and logging (e.g., SIEM, EDR) and assess potential risk / severity level of cyber threats; escalate higher-risk events to dedicated incident response and management teams in the CFC according to established processes. • Collaborate with external teams for incident resolution and escalations, driving incident handling • Notify team Lead(s) of concerns related to operations, such as anomalous changes in metrics, notable open incidents, quality concerns, or observed risks; support with resolution if appropriate • Manage and complete assigned caseload throughout the incident response lifecycle, including analysis, containment, eradication, recovery, and lessons learned. • Maintain all case documentation, including notes, analysis findings, containment steps, and cause for each assigned security incident. • Ensure incident updates or contact with end-users are performed promptly and documented. • Help improve relevant strategies, Standard Operating Procedures (SOPs), and training materials • Support management's overall strategy for CFC by participating in execution of improvement programs together with management's plans • Assist the team Leads and management on use case development by suggesting enhancement or tuning of use cases to improve the security posture of Experian

🎯 Requirements

• Some information security experience working within a Security Operations Center or Cyber Security Incident Response Teams • Bachelor's Degree in Computer Science, Computer Engineering, Information Systems, Information Security or professional certification related to Digital Forensics, Incident Response, or Ethical Hacking (e.g., GCIH, CEH, GCFE, GCFA, and CFCE). • Knowledge of main concepts related to the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks. • High-level understanding of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), and common industry recommendations to prevent and respond to threats such as phishing, malware, network attacks, suspicious activity, data security incidents. • Exposure to technical elements of common Operating Systems (Windows, Linux, Mac OS), Networking (Firewalls, Proxies, NetFlow), Cloud Infrastructure (AWS, Azure, GCP), and Security Technologies (Anti-Virus, Intrusion Prevention, Web Application Firewalls) • Interest in developing knowledge across common Incident Response and Security Monitoring applications such as SIEM (e.g., Qradar, Splunk), EDR (e.g., FireEye HX, CrowdStrike Falcon, Microsoft Defender), and SOAR (Palo Alto XSOAR, Google Secops / Chronicle) • Desire to build technical skills and hands-on knowledge in the following areas of security operations and incident response • In-depth packet analysis skills, core forensic familiarity, incident response skills, public could security practices, and data fusion skills based on multiple security data sources • Security analysis and architecture of Azure and AWS cloud environment using security tools including Defender for Cloud, GuardDuty, CloudTrail, or CloudWatch. • System administration on Unix, Linux, or Windows • Network forensics, logging, and event management • Defensive network infrastructure (operations or engineering) • Vulnerability assessment and penetration testing concepts • Malware analysis concepts, techniques, and reverse engineering • In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners) and improve these skills • Security monitoring technologies, such as SIEM, IPS/IDS, UEBA, DLP, among others • Scripting and automation

🏖️ Benefits

• Flexible work environment, working hybrid or in the office if you prefer. • Great compensation package and discretionary bonus plan • Core benefits include pension, bupa healthcare, sharesave scheme and more • 25 days annual leave with 8 bank holidays and 3 volunteering days. • You can purchase additional annual leave.