Nadara Greater London, England, United Kingdom
Join or sign in to find your next job
Join to apply for the Security Incident Specialist role at Nadara
Nadara Greater London, England, United Kingdom
Get AI-powered advice on this job and more exclusive features.
R0001210 Security Incident Specialist (Open)
We’re Nadara. We work harmoniously with the power of nature and the communities around us to power lifetimes to come. We call our approach ‘living energy’.
We don’t just produce renewable energy, we live it – recognising our relationship with the people touched by our business and supporting social, educational, cultural, and environmental initiatives that contribute to the development of the communities we work alongside.
Discover more about our business here: https://nadara.com/about/
Nadara is an innovative place to work. We work in a stimulating and challenging environment, where every day we explore the unknown with curiosity, make decisions with quality and take action and deliver with courage. For us, diversity is a real value, and we encourage connecting different perspectives with respect.
Discover more about our culture and approach here: https://nadara.com/living-the-company/
Job Description Summary
The Security Incident Specialist is responsible for ensuring robust incident management by investigating and addressing security incidents reported by or assigned to the SOC. This role involves leading incident response efforts, escalating issues to designated owners when necessary, and coordinating the implementation of Azure Security Solutions, including Azure DLP, Defender, and Defender for Cloud. Additionally, the specialist will support the development and refinement of policies and procedures to enhance Security Incident Management and Cybersecurity practices.
Responsibilities
* Demonstrating familiarity with Microsoft Security Solutions (Defender, Sentinel, Azure, Entra, etc.).
* Implementing Azure Security Solutions to strengthen the organization's security posture and optimize incident handling processes.
* Maintaining and developing the company’s security monitoring systems and ensuring efficient SIEM ingestion (Sentinel).
* Ensuring the proper collection of logs, alerts, and incidents for effective monitoring and response.
* Reviewing and developing analytics and playbooks for incident classification, assignment, and response automation.
* Reporting the status and outcomes of incidents and investigations to company stakeholders.
* Writing clear and comprehensive incident reports, combining logs and evidence, tailored for both C-level executives and technical teams.
* Coordinating the Incident Management process with Vulnerability Management to ensure cohesive security operations.
* Supporting initiatives to enhance secure architectures, reducing the potential threat landscape.
* Aligning the Incident Management process with organizational policies, procedures, and security guidelines.
Key Requirements
Master/Bachelor Degree in cybersecurity or computer science and 3+ years as SOC analyst, or undergraduate and 5+ years as SOC analyst.
Excellent practice in:
* SIEM/SOAR (Sentinel) maintenance and development
* Log collection, analysis, and correlation
* Incident investigations and response
* Malware analysis
* Phishing analysis
* File system checks and memory dump
* Ioc editing and searching
Good practice in:
* Evidence acquisition and retention
* Secops scripting (bash, vbscript, Powershell, Python)
* Threat intelligence and OSINT
* Supporting cybersecurity policies and procedures, especially Security Incident Management
Must have a curious mind eager to find threats, discover backdoors, identify attack vectors, and build sample detections from scratch. Effective communication skills and ability to present data clearly to diverse audiences. Fluent in English (written and verbal). Ability to work within complex teams and international environments.
Desirable Certifications
Blue Team Level 1 (BTL1), Blue Team Level 2 (BTL2), eCTHP, eCIR, GCIH, SC-200, AZ-500, AZ-900, Certified CyberDefender (CCD), or similar.
What We Offer
* An international, stimulating environment.
* A people-centric approach.
* Challenging challenges and growth opportunities.
* A passionate team environment.
Location: Lisbon
Time Type: Full-time
Worker Subtype: Regular
Seniority Level
Mid-Senior level
Employment Type
Full-time
Job Function
Other, Information Technology, Management
#J-18808-Ljbffr