CSIRT Analyst

Job Description

Why usOur vision of Technology Excellence - to be industry leaders in the use of technology - means there has never been a more exciting time to be part of our company.By joining us, you will play an important role in providing IT services to our many operating companies, enabling them to work in the most efficient and effective manner. You will be empowered to challenge the norm though the creative use of technology,helping to transform the customer journey.You will be employed by one of the worlds largest airline groups, with 573 aircraft flying to 268 destinations and carrying around 113 million passengers each year.We provide a plug and play platform of scalable, best in class procurement, finance and IT business services to our operating companies.The company headquarters is in Krakow, with operations in London, Madrid, Dublin and Chennai.Purpose of the role Support the outsourced Security Operations Centre (SOC) with monitoring, analysing and triage activities Ensure all incidents are investigated, contained and remediated Prevent the future re-occurrence of identified malicious traffic or incidents Ensure all activities are reported and shared with the operating companies. Act as the technical resource for SOC engagementsYou will make an impact in this role by: Analysing and investigating alerts arising from Security Event and Information Management Tools Analysing, investigating and refining alerts and reports arising from Network behaviour Analytics tools Monitoring and alerting on potential breaches, using Intrusion Prevention solutions Using packet-capture tools, analysing packet flows and utilizing network-based user behaviour analytics in order to understand breaches and track propagation of malware Following threat intelligence feeds to possess knowledge of common exploits and vulnerabilities. Developing new mitigations Working with the business to detect, contain and eradicate threats Supporting Penetration testing where applicable Identifying and execute opportunities for continual improvement, using thorough understanding of the Cyber landscapeThis role may require travel and working from multiple sites/locations. Willing and able to travel to participate in meetings, workshops, and other related activities.To achieve in this role, you are likely to have: Educated to degree level or equivalent experience Recognized Security qualifications desirable e.g. CISSP, CCSP Level 2 SOC Security Analyst Strong IT security technical skills spanning cyber security best practice and risk management Problem solving, through a naturally inquisitive approach Technical knowledge of incident response and the Cyber Kill Chain Proven ability to influence and persuade both externally and internally across a complex organisation Innovation - transforming industry trends into practical, cost-effective solutions Ability to work under pressure Fluent English Technical, security, and service leadership experience to 3rd party SOC Analysts Proven track record in the cyber security field, recognised as an expert that commands the respect of senior stakeholders. Demonstrable evidence of contributing thought leadership within the Security field SIEM Analytics (Splunk) experience SIEM Engineering experience (highly desirable) Experirnce with Behavioral Analytics Experience with Endpoint Detection Response Business partnering, working as a valued partner with internal and external stakeholders across a diverse operation. Experience of operating across multiple countries and cultures is desirable, but not essentialWhat we offer is The chance to enjoy a challenging career in an exciting, fast-moving environment in a dynamic industry. The opportunity to work in a multi-cultural environment with great offices in many locations. We aim to provide all our people with a work/life balance, as well as the many benefits offered by a global organisation, including health insurance, pension,and performance bonuses. We are an equal opportunities employer, and all qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protectedby law.