We have a new opportunity for a Senior Incident Response Analyst. You will work from home with 1 day per week in our offices in Cheltenham, Gloucestershire.
What we do
Corvid provides advanced and innovative cyber security protection services, using sophisticated means to detect and manage technical security incidents.
You will be an experienced technical security specialist, with proven experience delivering services to
external customers, along with demonstrable written & verbal communication skills.
As a senior responder, you will be responsible for monitoring identifiers and suspect activity that indicates a potential security incident. This will make use of intrusion prevention systems, vulnerability scanning tools, and malware forensics.
You will be proficient in IR with an understanding of real-world APT tools, tactics, and procedures, and be able to quickly determine the nature of the threat and deliver the appropriate response.
Skills and Qualifications Required
A technical career background in cyber with the following experience;
- Experience in incident response and or threat hunting
- Familiarity with host forensic artefacts on both Windows and Linux, and their acquisition, processing, and interpretation
- Understanding of firewall rules, Windows and Linux tools for analysing packet capture, netflow, and raw log files such as those generated by firewalls, web servers, and proxies
- Excellent understanding of TCP/IP networking and protocols (including HTTP, SSL/TLS, HTTPS, HTTP/2, DNS, SMTP, IPSEC)
- Knowledge of analysing artefacts to deduce behaviour of malware in an estate, including methods of entry, evidence of lateral movement, C2/exfiltration analysis, and remediation activities
- Ability to innovate malware hunting methods
- Understanding of vulnerabilities and vulnerability detection
- Good communication, reporting, and analytical skills
- Proven experience with scripting/programming languages
- Ability to commit to small development projects (for example, in C or C++) as well as ad-hoc scripting (for example, in Python)
Applicants will be required to meet at least the minimum requirements of SC security clearance.
How to Apply:
If you believe you have the skills and experience required to join our team then please click apply and upload your CV now.
Here at Ultra we are an equal opportunity employer and value diversity and inclusivity. Underpinned by our values, behaviours and policies, we want you to feel empowered to be the best version of yourself. We also believe that people from different backgrounds and cultures will increase our diversity of thinking, ensuring we continue to successfully deliver to our customers.
We therefore do not discriminate on the basis of; age, disability, gender reassignment, marriage or civil partnership, pregnancy and maternity, race, religion or belief, sex or sexual orientation. We also support requests for flexible working arrangements wherever possible.