Cyber Threat Intelligence and Vulnerability Analyst

Cardiff, Wales, gb
Company: evolution-recruitment-solutions
Category: Protective Service Occupations
Published on 2021-08-02 18:07:55

Cyber Threat Intelligence and Vulnerability Analyst

My client is a leading Cyber Security business and they are hiring several Cyber Threat Intelligence and Vulnerability Analysts to proactively identify and understand emerging threats, build new detection capabilities to support HMG clients.

This role would suit a senior Security Operations engineer/analyst, who is looking for an opportunity to help build out a new function from scratch.

Responsibilities:

  • Responsible for operating the vulnerability scanning toolset e.g. Nexpose and Tenable.
  • Improve our knowledge and understanding of emerging threats so that we’re better able to identify and detect attacks.
  • Provide clear and concise communication with technical and non-technical stakeholders so that vulnerabilities are understood and addressed.
  • Review and analyse vulnerability data to identify trends and patterns.
  • Advise those responsible for remediation on best reduction/remediation of risks.
  • Operate the Vulnerability Management process including suggesting applicable change control, and security exceptions.
  • Design and implement a vulnerability reporting and monitoring solution.
  • Identify and lead the implementation of threat intelligence tools and platforms.
  • Support threat hunting and incident response activities with research and analysis.
  • Enable the wider organization to use threat intelligence for informed decision making.
  • Essential Skills:

  • Demonstrable technical experience in Vulnerability remediation tools and techniques.
  • Experience with methodologies and frameworks - CVSS, CIS Benchmarking, OWASP top 10 etc.
  • Hands-on experience with vulnerability tools e.g., Nessus, Rapid 7 or similar scanning tools.
  • Basic pen testing skills.
  • Have a sound understanding of network/infrastructure/application.
  • Ability to support security incidents and investigations.
  • Good hands-on knowledge of Linux, Mac, Windows and cloud environments, and a go-to scripting language like Python or PowerShell.
  • Knowledge of current tactics, techniques and procedures (TTP) used by threat actors.
  • Practical application of the MITRE ATT&CK framework or similar.
  • Scripting experience: Python, PowerShell, etc.
  • Desirable Skills:

  • Exposure to DevSecOps or code review is a plus
  • Due to the sensitive nature of the work, be willing and able to go through SC Clearance.


    Jobs you might also be interested in