Incident Response Analyst

Terms: Permanent
Location: Cheltenham, Gloucestershire
Salary: Up to £50k

CORVID provides advanced and innovative cyber security protection services across the wider Ultra Electronics Group, using sophisticated means to detect and manage technical security incidents.

As an incident responder, you will be responsible for monitoring identifiers and suspect activity that indicates a potential security incident. This will make use of intrusion prevention systems, vulnerability scanning tools and malware forensics. You will be proficient in IR with an understanding of real-world APT tools, tactics, and procedures, and be able to quickly determine the nature of the threat and deliver the appropriate response.

You will be expected to have:

  • Proven experience of intrusion detection and vulnerability analysis
  • An appreciation of the chain of evidence and procedures surrounding forensic acquisition, as well as the ability to undertake forensic behavioural analysis on a host
  • Experience with network analysis tools, and an ability to conduct packet capture analysis
  • An understanding of networking principles including TCP/IP, DNS etc. and commonly used internet protocols such as SMTP, HTTP, etc.
  • Operating systems and system administration skills in Windows, Solaris or Linux
  • Knowledge of intrusion detection systems and methods of security hacking/penetration testing
  • The ability to perform malware triage to determine whether an identified file exhibits potential malicious intent
  • Working knowledge of at least one scripting language (Python, PHP, etc.)
  • Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)

How to apply

This role is no longer available. Thank you to all applicants.