Opportunity

Job description

Harrington Starr are proud to be representing their client's search for a Cyber Threat Operations/Defence Analyst (Threat Hunter Analyst). This client of ours are a leading global investment bank who are continuing their incredible growth currently.

Day to Day Responsibilities:

• Triage active alerts and campaigns for potential systemic threats to our clients global business
• Proactively seek out suspicious activity and threats within the environment, act appropriately to contain and mitigate them
• Perform real-time detection, analysis, and response to threats via an EDR tool
• Create new alerts and investigation methods in relation to the ever-changing threat landscape
• Analyse attacks and trends facing the our clients organisation to better define proactive defensive measures
• Investigate threat actor activity and discover their infrastructure, motivations, and potential future actions
• Take proactive actions to have observed brand impersonating and malicious sites removed
• Discover internal security concerns and raise findings with the appropriate internal teams

Key Skills Required:

• Splunk experience
• EDR platform experience
• SOAR experience
• Knowledge and experience decoding and deciphering malicious code
• Familiarity with various network and cloud architectures
• Identity and Access Management (IAM)
• User and Entity Behaviour Analytics (UBA/UEBA)

Some additional Skills that would be preferable but not essential:

• Scripting language understanding (Python, Powershell, etc.)
• Familiarity with the MITRE Attack framework

Harrington Starr are proud to be representing their client's search for a Cyber Threat Operations/Defence Analyst (Threat Hunter Analyst). This client of ours are a leading global investment bank who are continuing their incredible growth currently.

Day to Day Responsibilities:

• Triage active alerts and campaigns for potential systemic threats to our clients global business
• Proactively seek out suspicious activity and threats within the environment, act appropriately to contain and mitigate them
• Perform real-time detection, analysis, and response to threats via an EDR tool
• Create new alerts and investigation methods in relation to the ever-changing threat landscape
• Analyse attacks and trends facing the our clients organisation to better define proactive defensive measures
• Investigate threat actor activity and discover their infrastructure, motivations, and potential future actions
• Take proactive actions to have observed brand impersonating and malicious sites removed
• Discover internal security concerns and raise findings with the appropriate internal teams

Key Skills Required:

• Splunk experience
• EDR platform experience
• SOAR experience
• Knowledge and experience decoding and deciphering malicious code
• Familiarity with various network and cloud architectures
• Identity and Access Management (IAM)
• User and Entity Behaviour Analytics (UBA/UEBA)

Some additional Skills that would be preferable but not essential:

• Scripting language understanding (Python, Powershell, etc.)
• Familiarity with the MITRE Attack framework