Cyber Defence Analyst
2 weeks ago
**Company Description**
**Introduction**
OUTsurance is a customer-centric Financial Services company with a global footprint. We are vibrant, successful and values-orientated with an awesome dynamic culture encapsulated by the ethos that clients and staff “always get something OUT.” Our success can be attributed, amongst other things, to the outstanding people who work for us.
Adversaries are working around the clock to beat defences, compromise networks and steal sensitive company data. To stay ahead of the threats we are looking for an inspired, creative and dedicated Analyst who is passionate about security incident investigation & proactive threat hunting as well as collaborating with the relevant stakeholders to implement countermeasures to aid prevention, detection and response.
**Job Description**:
**Responsibilities**
- Assist in ensuring that all critical and relevant log sources are ingested into the SIEM platform.
- Assist in ensuring that all relevant hosts & sources are monitored across the environment, including cloud and on-premises.
- Deploy, or assist with the deployment of, technical solutions for detecting & preventing potential threats.
- Fine-tune existing IoCs to reduce false positives.
- Assist in performing threat hunting activities.
- Mature the company’s Cyber Incident response plan, processes, and playbooks.
- Assist with running regular phishing simulations using the company’s security awareness solution.
- Work closely with the Offensive Red Team to mature detection capabilities.
- Assist with monthly reporting on alerts and incidents raised.
**Competencies**
The successful individual would need to demonstrate the below listed:
- Strong analytical skills.
- Very strong interpersonal skills and the ability to build relationships.
- Critical thinking & problem-solving with a strong decision-making mindset.
- Takes initiative and works under own direction.
- Upholds ethics and values and demonstrates high levels of integrity.
- Methodically plans and organises tasks and projects.
- Demonstrates a high level of attention to detail.
- Adapts and responds positively to change.
- The ability to multitask and handle stress.
**Qualifications/Experience**
**Essential**
- 1+ years’ experience in IT Security, specialising in incident investigation & threat hunting using various tools and techniques.
- Ability to run an investigation from start to finish, including pivoting between data types and correlating events.
- Understanding of the attack life cycle.
- Experience with using SIEM platforms & technologies.
- Understanding of TCP/IP and networking concepts.
- Knowledge of IT security controls (Network IPS, Vulnerability Scanning, Endpoint Protection, Firewalls, Cloud Access Security Brokers).
- Familiarity and understanding of basic SQL and KQL queries.
- Strong knowledge of Windows and Linux.
**Advantageous**
- Exposure to different cloud services (Amazon Web Services, Azure, Google Cloud).
- Pentest/Red Team knowledge.
- Previous Security Operations Centre experience.
- Other relevant technology certifications, e.g. Red Hat Certified Admin, Azure Administrator Associate.
- Use of forensic analysis tools, e.g. Autopsy, CAINE, SIFT.
- Relevant industry security certifications such as Security+, Network+, CySA+, or other Blue Team training and certifications.