Lead External Attack Analyst
Based in Preston/Frimley (Hybrid)
60,000 - 70,000 per annum + 10% bonus
Must be eligible for SC Clearance
What you'll be doing:
- Maintains the Global Attack Surface Management service to ensure perimeter assets are known and tested, and Shadow-IT assets are discovered and brought into governance
- Assists with complex purple team operations by providing subject matter expertise on the available attack surface and known weaknesses
- Ensures external attack surface assessments, highlights perimeter risks. Ensures resolution is being conducted in line with documented process
- Identifying security weaknesses and misconfigurations ensuring they are raised with the appropriate resolver groups
- Checking and protecting through monitoring, the global external attack surface and performing continual testing of security controls
- Leading on policy implementation, high standards and best practices within Attack Surface Management and Active Defence
- Is responsible for specific work areas and provides mentorship and expertise to others in the team
- Supports the Active Defence Manager when required, particularly on forecasting future team operations
- Is a subject matter expert (SME) on emerging threats
Your skills and experiences:
Essential:
- Broad and detailed experience of technologies including but not limited to VPN appliances, Firewalls, Attack Surface Management, IDS/IPS, Endpoint Protection, Microsoft Operating Systems, Linux, TCP/IP, Networking, Cloud, CDN's, Web Server's, Open-Source tooling, and Vulnerability Management
- A good technical background with a detailed knowledge of cyber security, computer networks and operating systems
- Analytical background and is comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations
- Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these
- Is experienced in interpretation of threat intelligence and will work on complex issues with little need for supervision or support
- Knowledge and demonstrable experience of the MITRE ATT&CK framework