Cyber Incident Response Lead - Remote

Overview

As a member of Experian's Global Security Office (EGSO) / Cyber Fusion Center (CFC), you will respond, contain, escalate, investigate, and coordinate mitigation of security events relative to anomalies detected and escalated by the Cyber Fusion Centre (CFC) according to Experian's Incident Response Plan.

In Short

• Conduct advanced incident response activities to investigate and contain complex cybersecurity matters.
• Manage multiple cases related to security incidents throughout the incident response lifecycle.
• Maintain case documentation, including notes and analysis findings.
• Interpret device and application logs from various sources to identify causes and determine next steps.
• Provide advanced support to analysts and mentor other analysts.
• Knowledge of network protocols and technologies is essential.
• Experience with commercial and open-source SIEMs and network analysis tools.
• Demonstrated knowledge of common intrusion methods and cyber-attack tactics.
• Flexible work environment, working hybrid or in the office.
• Participate in on-call schedule or work outside of normal hours.

Requirements

• Knowledge of network protocols (TCP/IP, UDP, ICMP) and standard protocols (HTTP/S, DNS, etc.).
• Experience with SIEM tools like Splunk and network analysis tools like Wireshark.
• Knowledge of common intrusion methods and cyber-attack tactics.
• Skills using Incident Response and Security Monitoring applications.

Benefits

• Great compensation package and discretionary bonus plan.
• Core benefits include pension, healthcare, and sharesave scheme.
• 25 days annual leave with 8 bank holidays and 3 volunteering days.