Job

Job

Lead External Attack Analyst

Job type:Perm
Town/City:Preston
County:Lancashire
Salary/Rate:£65000 - £70000.00 per annum + + 10% bonus
Business Sector:Security
Job ref:BBBH151975
Post Date:October 23, 2024

Lead External Attack Analyst

Based in Preston/Frimley (Hybrid)
£60,000 - £70,000 per annum + 10% bonus
Must be eligible for SC Clearance

What you'll be doing:

  • Maintains the Global Attack Surface Management service to ensure perimeter assets are known and tested, and Shadow-IT assets are discovered and brought into governance
  • Assists with complex purple team operations by providing subject matter expertise on the available attack surface and known weaknesses
  • Ensures external attack surface assessments, highlights perimeter risks. Ensures resolution is being conducted in line with documented process
  • Identifying security weaknesses and misconfigurations ensuring they are raised with the appropriate resolver groups
  • Checking and protecting through monitoring, the global external attack surface and performing continual testing of security controls
  • Leading on policy implementation, high standards and best practices within Attack Surface Management and Active Defence
  • Is responsible for specific work areas and provides mentorship and expertise to others in the team
  • Supports the Active Defence Manager when required, particularly on forecasting future team operations
  • Is a subject matter expert (SME) on emerging threats

Your skills and experiences:
Essential:

  • Broad and detailed experience of technologies including but not limited to VPN appliances, Firewalls, Attack Surface Management, IDS/IPS, Endpoint Protection, Microsoft Operating Systems, Linux, TCP/IP, Networking, Cloud, CDN's, Web Server's, Open-Source tooling, and Vulnerability Management
  • A good technical background with a detailed knowledge of cyber security, computer networks and operating systems
  • Analytical background and is comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations
  • Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these
  • Is experienced in interpretation of threat intelligence and will work on complex issues with little need for supervision or support
  • Knowledge and demonstrable experience of the MITRE ATT&CK framework