Senior Incident Response Analyst

Terms: Permanent
Location: Cheltenham, Gloucestershire
Salary: Competitive

Corvid provides advanced and innovative Cyber-Security protection services across the wider Ultra Electronics Group using sophisticated means to detect and manage technical security incidents. There is an opportunity for an experienced IR Technical Lead to join this team.

As a senior responder you will be responsible for monitoring identifiers and suspect activity that indicates a potential security incident. This will make use of Intrusion Prevention Systems, Vulnerability Scanning tools and Malware Forensics. You will be proficient in IR with an understanding of real-world APT tools, tactics, and procedures and be able to quickly determine the nature of the threat and deliver the appropriate response. You will be expected to have:

  • At least 3 years' previous experience as a Security Analyst
  • Proven experience of intrusion detection and vulnerability analysis
  • An appreciation of the chain of evidence and procedures surrounding forensic acquisition, as well as the ability to undertake forensic behavioural analysis on a host.
  • Experience with network analysis tools and an ability to conduct packet capture analysis.
  • Excellent understanding of networking principles including TCP/IP, DNS etc. and commonly used Internet protocols such as SMTP, HTTP etc.
  • Operating systems and system administration skills in either Windows, Solaris or Linux
  • Knowledge of Intrusion Detection Systems and methods of security hacking/penetration testing
  • The ability to perform malware triage to determine whether an identified file exhibits potential malicious intent.
  • Working knowledge of at least one scripting language (Python, PHP, etc.)
  • Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)

How to apply

To find out more or to apply please send your CV with covering letter to