Data Engineer (Security)

Job Title: Data Engineer (Security)
Contract Type: Permanent
Location: London, England
Salary: £161 - £162 per annum
Start Date: ASAP
Reference: DE01_1532596409
Contact Name: Alex Young
Contact Email:
Job Published: July 26, 2018 10:13

Job Description

The role requires someone who has experience standing up a Big Data platform and integrating/developing intermediary solutions to support and transform the way we work with data, beyond just ingesting structured and unstructured data. To do that, the candidate should ideally have some experience developing anomalous-behaviour models to surface potentially 'bad' activity such as fraud, crime, trends, outliers, deviations, etc.

This JD paints a picture of what they are currently trying to do manually, without a big data lake. The candidate will help build out a 'Hunting Platform'.

The role is responsible for establishing, maintaining, implementing, operating, monitoring and improving the Cyber Hunting Program to ensure its core objectives align with strategic goals. The program describes a comprehensive set of hunting objectives to identify and detect unusual, uncommon, anomalous and generally 'out-of-the-ordinary' events and/or traffic pertaining to possible unknown and new attacks and/or intrusions.

The role not only harnesses the analyst's technical knowledge and past experience in various security domains, but also challenges, or even stretches, the analyst's mindset to think beyond traditional SIEM use cases and instead think as an advanced adversary, in order to build up capabilities to identify and detect tactics, tools and techniques (TTP).

Specific Role Responsibilities
* Act as Tier 3 Support and regularly monitor, review and feed back on cases opened by the Active Monitoring Team
* Perform quality assurance on S3 cases
* Knowledge share, guide and mentor the Active Monitoring Team
* Escalate operational issues and contribute to or lead operational improvement
* Lead and participate in the daily Cyber Operations Meeting
* Provide support to the Active Monitoring Team relating to case severity designation
* Work closely with other Cyber Defence Teams on incident-related matters, providing high- and low-level technical analysis summaries
* Manage and grow the maturity of the Cyber Hunting Program
* Establish, develop and document the inputs and outputs of Cyber Hunting Objectives
* Maintain situational awareness of the current security/threat landscape
* Study and research TTPs to support the creation of Hunting notebooks
* Execute and pivot on Hunting Use Case searches
* Record and document Hunting activities
* Continuously improve Hunting methodology
* Lead the development and evolution of Cyber Hunting Use Cases
* Transform and integrate Cyber Hunting Use Cases into SIEM Use Cases
* Work closely with the SIEM Onboarding Specialist and Content Developers to identify monitoring opportunities and content creation
* Proactively and iteratively monitor and investigate 'out-of-the-ordinary' security events
* Build up Cyber Hunting capability: Open Source, Data Visualisation, Security Analytics, Automation, Enrichment Pipeline, Central Repository
* Perform ad hoc Cyber Hunts per Local Market requests

Lawrence Harvey is acting as an employment agency in regard to this position.
Visit our website and follow us on Twitter for all live vacancies @lawharveyjobs