We're looking for a Cyber Security Analyst to join the ARCHANGEL™ Protective Monitoring (ProMon) Team. ARCHANGEL™ delivers specialist technical cyber security services to a range of clients across a variety of industries including construction, government, defence and aerospace.
The Team is responsible for providing thorough initial investigation into anomalous network activity that may lead to potential security incidents.
Beyond ARCHANGEL™, Leonardo and its Cyber Security division are a world leader in safety-through-technology, providing tailored solutions for customers in public administration, public safety and security, critical infrastructure, services, transport, post and logistics.
You will be joining our highly skilled team working at our Yeovil site Monday-Friday. This is a great opportunity to bring your talents and form an integral part of Leonardo's future. We can help you develop your skills and offer great opportunities to develop and grow, so why not join us.
So let's get down to what you will do!
Provide monitoring, alerting and incident handling services within the SOC in line with SLAs.
Act as the initial analytical reference point for identifying and then quantifying the nature and extent of security incident and offer initial professional advice relating to possible business impact in order to reduce both the Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)
Advise on incident containment measures through recommended initial actions to customers in collaboration with the Incident Response (IR) Team
Provide advice relating to potential mitigation measures in order to prevent, or limit future reoccurrence in collaboration with the Incident Response (IR) Team
Have an understanding of Incident Response, Cyber Kill Chain, Threat Modelling and pertinent Attack Vectors
Have a collaborative working ethos in order to work across the team in order to create pertinent Playbooks, Use Cases ,etc
Perform proactive analysis across client networks by staying abreast of current threats and trends
Develop and maintain a credible knowledge of current and emerging threats likely to affect the Integrity of the managed service you are protecting.
Review reoccurring false positive firings and assist in the tuning of SIEM and IDS rules to reduce false positives and maintain good security alerting.
Creation of reporting for management and clients on security incidents and threat intelligence trends.
Requirements
Be able to excellently communicate at all levels, working with customers is a must, so we need you to be able to let them know what's going on
Experience in Cyber Security, e.g. Protective Monitoring, Incident Response, Security Engineering
Have a sound knowledge of IT security best practice, common attack types & detection / prevention methods
Demonstrate experience of analysing & interpreting system, security & application logs in order to diagnose faults & spot abnormal behaviours
Have great organisational skills & attention to detail
Ability to work independently & as part of a team
Highly motivated, with the aptitude to learn new skills
These additional skills will also help:
SANS SEC 503 Intrusion Detection in Depth or equivalent
SANS SEC 504 Incident Handling, Hacker Tools and Techniques or equivalent
SANS SEC 508 Advanced Incident Response, Threat Hunting, and Digital Forensics or equivalent
SANS SEC 511 Continuous Monitoring and Security Operations or equivalent
Exposure to IT service management best practices such as ITIL
Knowledge of standards & guidelines such as ISO27001,GDPR principles and GPG-13.
Threat Intelligence experience
Report Writing
Security Clearance
Why join us
Time to Recharge: Enjoy generous leave
Benefits
Health insuranceVision insuranceEquity / stock options
Additional Information
Job Description:
Salary Range: £37,318 - £45,000
Leonardo UK operates a grade-based salary framework with broad bands. The salary range shown reflects the approved grade band for this role, or a narrower hiring range published within that band, and is benchmarked against the external market. Exceptions above the standard range are managed through governance controls to protect internal equity.
Leonardocompany · - Yeovil - Lysander Rd, UK