Job description
Harrington Starr are proud to be representing their client's search for a Cyber Threat Operations/Defence Analyst (Threat Hunter Analyst). This client of ours is a leading global investment bank that is continuing its incredible growth.
Day to Day Responsibilities:
- Triage active alerts and campaigns for potential systemic threats to our client's global business
- Proactively seek out suspicious activity and threats within the environment, act appropriately to contain and mitigate them
- Perform real-time detection, analysis, and response to threats via an EDR tool
- Create new alerts and investigation methods in relation to the ever-changing threat landscape
- Analyse attacks and trends facing our client's organisation to better define proactive defensive measures
- Investigate threat actor activity and discover their infrastructure, motivations, and potential future actions
- Take proactive actions to have observed brand impersonating and malicious sites removed
- Discover internal security concerns and raise findings with the appropriate internal teams
Key Skills Required:
- Splunk experience
- EDR platform experience
- SOAR experience
- Knowledge and experience decoding and deciphering malicious code
- Familiarity with various network and cloud architectures
- Identity and Access Management (IAM)
- User and Entity Behaviour Analytics (UBA/UEBA)
Some additional Skills that would be preferable but not essential:
- Scripting language understanding (Python, PowerShell, etc.)
- Familiarity with the MITRE ATT&CK framework
Apply for this job