Cyber Defence Analyst
Multiple Locations
Must be DV cleared
Your Role:
- Develop and integrate security event monitoring and incident management services.
- Respond promptly to security incidents as part of an incident response team.
- Implement metrics and dashboards to provide visibility of the Enterprise infrastructure.
- Utilize the SOAR platform for playbook automation and case management to streamline team processes.
- Produce documentation to ensure repeatability and standardization of security operating procedures.
- Develop innovative investigative methods using SOC software toolsets to enhance threat detection capabilities.
- Maintain system security baseline according to the latest threat intelligence and evolving trends.
- Participate in root cause analysis of incidents in collaboration with engineers across the enterprise.
- Provide Subject Matter Expertise (SME) on information security standards and best practices.
- Offer strategic and tactical security guidance, including technical control evaluation.
- Contribute to the CRM process.
- Collaborate with SOC engineers to maintain up-to-date security alert dashboards for improved incident response.
- Document, validate, and create operational processes and procedures to enhance SOC development.
- Assist in identifying, prioritizing, and coordinating the protection of critical cyber defence infrastructure and key resources.
- Build, install, configure, and test dedicated cyber defence hardware.
- Support Junior Analysts in managing SOC systems.
- Demonstrate previous experience with Enterprise ICS/network architectures and technologies.
- Possess experience and knowledge of SIEM solutions, including use case identification, creation, deployment, and tuning.
- Serve as a mentor/coach to junior analysts.
Your Profile:
- Previous experience utilizing the MITRE ATT&CK and Cyber Kill Chain frameworks.
- Proficiency in maintaining Microsoft directory services.
- Familiarity with virtualization software.
- Knowledge of key security frameworks such as ISO, NIST 800-53, C2M2.
- Excellent communication skills.
- Experience in writing Defence/Government documentation.
GCS is acting as an Employment Agency in relation to this vacancy.