Data Engineer (Security)
Job Title: Data Engineer (Security)
Salary: £161 - £162 per annum
Contact Name: Alex Young
Job Published: July 26, 2018 10:13
This JD paints a picture of what they are trying to do manually, without a big data lake. The candidate will help build out a 'Hunting Platform'.
The role is responsible for establishing, maintaining, implementing, operating, monitoring and improving the Cyber Hunting Program, ensuring its core objectives align with strategic goals. The program defines a comprehensive set of hunting objectives to identify and detect unusual, uncommon, anomalous and generally 'out-of-the-ordinary' events and/or traffic that may indicate unknown or new attacks and intrusions.
The role not only draws on the analyst's technical knowledge and experience across security domains, but also challenges the analyst to think beyond traditional SIEM Use Cases: to reason as an advanced adversary would, and to build the capability to identify and detect attacker tactics, techniques and procedures (TTPs).
Specific Role Responsibilities
* Act as Tier 3 Support and regularly monitor, review and give feedback on cases opened by the Active Monitoring Team
* Perform quality assurance on S3 cases
* Share knowledge with, guide and mentor the Active Monitoring Team
* Escalate operational issues and contribute to or lead operational improvement
* Lead and participate in the daily Cyber Operations Meeting
* Provide support to the Active Monitoring Team on case severity designation
* Work closely with other Cyber Defence Teams on incident-related matters, providing high- and low-level technical analysis summaries
* Manage and grow the maturity of the Cyber Hunting Program
* Establish, develop and document the inputs and outputs of Cyber Hunting Objectives
* Maintain situational awareness of the current security/threat landscape
* Study and research TTPs to support the creation of Hunting notebooks
* Execute and pivot on Hunting Use Case searches
* Record and document Hunting activities
* Continuously improve the Hunting methodology
* Lead the development and evolution of Cyber Hunting Use Cases
* Transform and integrate Cyber Hunting Use Cases into SIEM Use Cases
* Work closely with the SIEM Onboarding Specialist and Content Developers to identify monitoring opportunities and content creation
* Proactively and iteratively monitor and investigate 'out-of-the-ordinary' security events
* Build up Cyber Hunting capability: Open Source, Data Visualisation, Security Analytics, Automation, Enrichment Pipeline, Central Repository
* Perform ad hoc Cyber Hunts per Local Market requests
Lawrence Harvey is acting as an employment agency in regards to this position.