Career Opportunities with InteliSecure

A great place to work.

Careers At InteliSecure

Current job opportunities are posted here as they become available.

Subscribe to our RSS feeds to receive instant updates as new positions become available.


Threat Response Analyst - Tier 1

Department: Managed Services
Location: Basingstoke

Mission Statement:

Make the digital world a safer place to capitalize on ideas and share information.

Position Summary:

The Threat Response Analyst (TRA) will be responsible for acknowledging and researching ALL Security Incident Event Management (SIEM), User and Entity Behavior Analytics (UEBA) and Cloud Access Security Broker (CASB) alarms during their shift.

This position is based on a shift rotation pattern as follows:

6am - 6pm - 4 days on, 3 days off then 3 days on and 4 days off. This comes with a 10% Shift allowance in addition to base salary.

They will perform historical correlation analysis on incidents and events generated inside of the environments.

They will also be responsible for following case development and escalation workflows when activity needs to be escalated to the client and provide tuning recommendations to the Client Service Manager.

Ensure all tasks performed adhere to the firm's ISO 27001 Information Security Management System (ISMS). This includes participation in annual information and network security training and acceptance of spot checks on an ad hoc basis to guarantee that InteliSecure is constantly improving upon the organization's ISMS. Each member of our team must understand the importance of the ISMS and the subsequent handling of client data.

Duties & Essential Job Functions:

  • The Threat Response Analyst will be responsible for acknowledging and researching ALL Security Incident Event Management (SIEM), User and Entity Behavior Analytics (UEBA) and Cloud Access Security Broker (CASB) alarms during their shift.
  • The Threat Response Analyst will be responsible for following case development and escalation workflows when an alarm needs to be escalated to the client.
  • The Threat Response Analyst will be responsible for performing historical correlation analysis on incidents and events generated inside of the environments. They will also be responsible for following case development and escalation workflows when activity of note needs to be escalated to the client.
  • The Threat Response Analyst will be responsible for providing rule and alarm tuning recommendations to the SIEM engineering team while also notifying the Client Service Manager.

Qualifications:

  • Knowledge of SIEM technology and functions of some security tools (IDS/IPS, Firewalls, etc.)
  • Experience interpreting, tuning, searching and manipulating data within SIEM, UEBA, CASB or other related security tools
  • Knowledge of log formats and ability to aggregate and parse log data for syslog, http logs, DB logs for investigation purposes
  • Bachelor's Degree in Information Technology, Information Security/Assurance, and Engineering or related field of study; or at least two years of related experience and/or training; or equivalent combination of education and experience preferred.
  • Associate's Degree or equivalent from two-year College or technical school in Information Technology, Information Security/Assurance, Engineering or related field of study; at least 2 years of related experience and/or training; or equivalent combination of education and experience required.
  • Experience utilizing the Cyber Kill Chain, Diamond Model or other appropriate models
  • Experience in gathering and managing threat intelligence
  • Ability to present a recommended remediation strategy to client in professional format
  • Knowledgeable and experienced using basic regular expressions
  • Ability to fully utilize MS Office products required

Highly Preferred:

  • Linux administration experience
  • Windows administration experience
  • Shell scripting experience e.g. BASH, CSH, KSH
  • Experience using open source tools such as REMnux, Kali, VirusTotal, IPVoid, tcpdump, Metasploit, Wireshark, etc.
  • Certification: Security+, Network+, CEH or equivalent certification is desired but not required.
