* Monitor alerts across the security stack and provide an advanced detection and response service through review and analysis of security events.
* Perform incident response and basic malware analysis to investigate incidents.
* Help navigate staff from incident response triage into the incident response process if findings are substantiated.
* Work with the senior security engineers and analysts in fine-tuning the security systems and removing any false positive alarms.
* Maintain current knowledge of tools and best practices in forensics and incident response, and develop an understanding of advanced persistent threats, including the tools, techniques, and procedures of attackers.
* Lead the security vulnerability management program, recommending best practices and solutions to address vulnerabilities and secure hosts, applications, databases, and network technologies.
* Strengthen security operations monitoring by extracting data from threat intelligence and developing an understanding of adversary TTPs.
* Monitor the performance of security solutions to identify and bring to attention breaches and potential intrusion incidents.
* Monitor security logs and alerts from various sources, including intrusion detection systems, Endpoint Detection and Response (EDR) systems, and security information and event management (SIEM) tools.
* Investigate and analyse security incidents, identify root causes, and develop appropriate mitigation strategies.
* Execute security response actions, including full remote remediation of endpoints.
* Perform threat hunting and proactive analysis to identify potential security risks and vulnerabilities.
* Implement security frameworks, including CIS Benchmarks and the ASD Essential Eight, on systems.
* Handle cyber security incidents in conjunction with the existing service providers from detection through to completion, including maintaining incident response documentation, conducting post-mortem root cause analysis, writing incident reports, and providing lessons learnt and required enhancements.
TECHNICAL PROFICIENCY:
One of the following certifications: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager) or CCISO (Certified Chief Information Security Officer). Technical understanding of digital forensics and incident response in accordance with NIST standards. Experience working with and designing solutions that meet compliance standards for NIST, ISO, CMMC, PCI and DOD regulatory controls. Advanced proficiency with Microsoft Office products, including Word, Outlook, PowerPoint, and Excel.