
Incident Response Analyst

Corvid (private company)

Cheltenham, England

Posted 2 days ago

45000 GBP ANNUAL


Job Description

Terms: Permanent
Location: Cheltenham, Gloucestershire
Salary: £45k - £60k

CORVID provides advanced and innovative cyber security protection services, using sophisticated means to detect and manage technical security incidents. There is an opportunity for an Incident Response (IR) Analyst to join this team.

Our customers benefit from a suite of services which includes incident detection and incident response, which is delivered predominantly using an in-house EDR platform.

Key responsibilities

You will be responsible for monitoring identifiers and suspect activity that indicates a potential security incident. This will make use of intrusion prevention systems, vulnerability scanning tools, and enterprise detection and response tools. You will be proficient in IR with an understanding of real-world APT tools, tactics, and procedures, and be able to quickly determine the nature of the threat and deliver the appropriate response.

  • Formulate and implement threat hunts across the CORVID customer base, using both public data sources and internal research.
  • Investigate suspicious activity to determine if it's a true positive.
  • Perform incident response activities on compromised devices and/or networks to:
    • determine the scope of infection
    • remove the threat
    • identify potential data loss
    • identify the infection vector
    • create additional threat hunts or detections using TTPs
    • liaise with customers

Skills and experience

Essential:

  • Two to three years' experience in a SOC or incident response role
  • Experience in incident response or incident analysis
  • Good awareness of the current threat landscape
  • Familiarity with host forensic artefacts on both Windows and Linux, and their acquisition, processing, and interpretation
  • Experience with network analysis and network intrusion detection
  • Understanding of firewall rules, Windows and Linux tools for analysing packet capture, netflow, and raw log files, such as those generated by firewalls, web servers, and proxies
  • Understanding of modern malware, including execution methods, persistence, detection, C2 methods, delivery mechanisms (JavaScript, PowerShell, etc.) and entry points (phishing, drive-by, etc.)
  • Knowledge of analysing artefacts to deduce the behaviour of malware in an estate, including method of entry, evidence of lateral movement, C2/exfiltration analysis, and remediation activities
  • Ability to innovate malware hunting methods
  • General technical analysis and data correlation skills
  • Ability to launch and interpret network vulnerability scans, web scans, and port scans
  • Good communication, reporting, and analytical skills
  • Ability to produce and review reports
  • Proven experience with scripting/programming languages
  • Ability to commit to ad hoc scripting (for example, in Python)

Desirable:

  • Familiarity with the challenges of processing large volumes of log traffic, including Windows event logs
  • Familiarity with malware dynamic analysis to determine potential malicious intent of samples
  • Some experience with static analysis and reverse engineering of samples and C2 protocols
  • Familiarity with Elastic, Splunk, or similar
  • Understanding of vulnerabilities and vulnerability detection
  • Ability to commit to small development projects (for example, in C or C++)
  • Ability to perform system administration tasks on Windows and Linux
  • Understanding of the MITRE ATT&CK framework
  • Experience with EDR-type telemetry or similar, such as from sysmon
  • Experience of writing and implementing Snort/Suricata rules
  • Excellent understanding of TCP/IP networking and protocols (including HTTP, SSL/TLS, HTTPS, HTTP/2, DNS, SMTP, IPsec)

How to apply

Please email your CV and covering letter to careers@corvid.co.uk.
