Cyber Security Operations Specialist

Description

Responsibilities

• Design, implement, and maintain a range of cyber security solutions and technologies including configuration, troubleshooting, and optimisation, to ensure effective threat detection and response.
• Collaborate with internal stakeholders to ensure security solutions align with business objectives and security strategies.
• Stay current with the latest attacks, vulnerabilities, and industry best practices to enhance overall Security Operation procedures and processes.
• Analyse and prioritise security alerts from various sources, determining the severity and potential impact on the organization.
• Perform cyber security incident response, management, and investigations to mitigate risks and recover from security incidents.
• Conduct proactive threat hunting activities to identify and address potential security issues before they escalate.
• Create and maintain incident response playbooks and procedures to standardize responses to various types of security incidents.
• Drive technical management of digital forensic investigations and e-Discovery exercises to support incident response and legal requirements.
• Accountable for undertaking complex research and analysis of threat actors to understand their tactics, techniques, and procedures (TTPs).
• Manage the collection of relevant and actionable Threat Intelligence (TI) and enhance TI platforms to support decision-making.
• Strong focus on defensive and offensive research to strengthen security posture.
• Deliver and present intelligence to various stakeholders on Strategic, Tactical, Operational and Technical levels.
• Leverage Threat Intelligence (TI) to inform alert prioritisation and incident response decisions, adapting strategies based on emerging threats.
• Report writing and security awareness, especially relating to vulnerabilities, threat landscape, and intelligence.
• Conduct regular incident response simulations and tabletop exercises to assess readiness and improve response capabilities.

Requirements

• Strong hands-on and technical experience across various core cyber security solutions and technologies: SIEM, EDR, VM, Secure Internet Proxies, Open-Source Technologies, OSINT
• The ability to see opportunities to improve, break them into logical pieces of work, and follow them through to execute at a technical level.
• Proven experience in responding to security incidents.
• Demonstrated capability in proactive threat hunting, utilising tools and techniques to uncover hidden threats within the environment.
• Strong understanding of network security principles and protocols
• Ability to analyse logs and events from operating systems and applications to identify suspicious activities and potential security incidents.
• Understanding of containerisation and their security implications.
• Understanding of various operating systems.
• Proficiency in at least one or more coding languages (Python, Java, etc.) would be ideal.
• A positive attitude and an eagerness to expand current cloud security knowledge.
• Commitment to ongoing professional development and staying updated on emerging threats, technologies, and industry trends.
• Strong team player to collaborate with a diverse team.
• A critical thinker, with strong problem-solving & analytical skills with an ability to enhance or automate processes including the threat intel platforms, sources, and tooling.

About Mox Bank