Thales technology makes it possible for two thirds of planes to take off and land safely. Thales also protects 80% of the world’s payment card transactions and is Europe’s number one supplier of defence electronics. Beyond that our people have made London’s Jubilee and Northern Lines 20% more efficient and have delivered more than 300 air defence radars in 26 countries. We’re a leading name in our markets and a diverse, constantly evolving organisation. Join us.
Thales UK is seeking a Senior Cyber Security Analyst for its UK operation based in Basingstoke, Hampshire. In this role, you will join an established team providing full-scope Cyber Security Operations Centre (CSOC) support to Thales UK and its customers. The Senior Cyber Security Analyst will have a solid IT background covering Operating Systems, IP Networking, firewalls and boundary controls, IDS/IPS, etc., coupled with excellent troubleshooting skills.
Qualification, experience and skills:
- Point of escalation for Cyber Analysts to perform enhanced detailed analysis and investigation of alerts generated via SIEM, IDS/IPS and other related data sources
- In depth, proactive analysis of network, application and system event data in order to identify potentially abnormal or anomalous system behaviours.
- Onboarding of new customers and/or event sources and development of monitoring Use Cases for same.
- Carry out analysis to determine the root cause of events, and to provide incident response and reporting in support of operational effectiveness
- Responsible for developing, researching and maintaining proficiency in tools, including researching techniques, countermeasures and trends in computer and network vulnerabilities, data obfuscation, encryption and emerging Cyber Threat Intelligence sources.
- Participate in knowledge sharing and undertake incident response exercises
- Evaluate and implement intelligence regarding new threats and vulnerabilities and ensure detective controls are updated to detect new attacks
- Maintain the above using the appropriate Change Management and Incident Response processes
- Responsible to the CSOC Team Lead for the day-to-day operational aspects of the CSOC environment.
- Identify service inadequacies and contribute to the Customer/CSOC Service Improvement Plan
- Maintain an understanding of current and emerging threats and vulnerabilities and security technology developments
- Any other duties as deemed necessary to achieve department goals
- Identify Security Breaches as soon as reasonably possible and take appropriate action
- Participate in knowledge sharing with other analysts and develop solutions efficiently
- Represent the CSOC on external and peer group forums.
- Minimum four years demonstrable experience as a Security Analyst within a Security Operations environment, preferably with at least two years in a senior role.
- Demonstrable experience in Intrusion Detection and analysis
- Knowledge and understanding of SIEM toolsets and applications
- Demonstrable experience of handling security related incidents and work requests
- Familiarity with methods and techniques used in ethical security hacking/penetration testing
- Familiarity with the tools and techniques used by malicious hackers
- Demonstrable experience in Malware Analysis/Reverse engineering techniques.
- Knowledge and experience of Computer Forensics
- Knowledge and experience of integrating Cyber Threat Intelligence feeds into an Operational Security monitoring environment
- Demonstrable experience of working within a change control and incident management environment (ITIL)
- Competent at writing SOC processes and procedures
- Demonstrable understanding of network traffic analysis techniques
- Detailed knowledge and understanding of Internet protocols, networking principles and OS concepts and technologies.
- Strong understanding of network monitoring and packet analysis tools
- Understanding of systems administration
- Operating systems and system administration skills in at least one of the following (Windows, Solaris, Linux) including good command line skills
- Demonstrable experience working within a team environment
This role requires enhanced security clearance to secret (SC) level. Candidates will be required to meet the criteria and seek Defence Vetting Agency clearance, which will be sponsored by Thales. For eligibility criteria, please refer to the Defence Vetting Agency website.
- Experience of UK HMG information security processes and policies
- Programming skills: C, Python, C# or any other language
- Qualifications within the IT Security field desirable though not essential. SANS Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), Malware Analysis, Certified Information Systems Security Professional (CISSP)