Overview
Description
Cyber Defence Analyst
Location: Farnborough on a 12-hour, 4 days on, 4 days off day and night shift pattern
The Role: Leidos, a Global IT Solutions Provider specialising in large scale implementations involving science, engineering, and technology, requires a Cyber Defence Analyst to work in its CSOC (Cyber Security Operations Centre) Team. The Cyber Defence Analyst will contribute to the growth and development of the CSOC. You will work with a wide variety of stakeholders to ensure the Leidos CSOC, a Defensive Cyber Security capability, can support a customer’s Cyber Resilience, protecting them with a 24 x 7 Threat Detection and Response service, mitigating risk of Cyber Attack.
The successful candidate will have CSOC experience or demonstrate sufficient transferable Cyber Security knowledge, qualifications, aptitude, and passion to quickly learn the Cyber Defence Analyst role. To succeed, the candidate must be capable of working under pressure, delivering on multiple customer accounts, and have an appetite to progress and develop their Cyber Security career. The role operates within a matrix managed environment, reporting operationally to the CSOC Lead and accountable to the CSOC Manager.
What will I be doing?
* Maintain the integrity and security of Cyber Security systems and networks.
* Support Cyber Security initiatives through predictive and reactive analysis, articulating emerging trends to leadership and staff.
* Use data from Cyber Defence tools (firewalls, IDS, network traffic, UEBA, SOAR, etc.) to analyse events within the environment.
* Respond to and correlate alerts from detective and preventative tools such as SIEM, EPP, EDR, XDR, WAF, and Firewalls.
* Proactively detect suspicious activity, vulnerabilities, and misconfigurations before they can be exploited, protecting Confidentiality, Integrity and Availability.
* Inspect and correlate logs from multiple sources to identify repeating patterns and Indicators of Compromise (IOC).
* Continuously scan the Threat Horizon to classify Threats by impact on a client’s network or solution.
* Engage with security communities to review and share knowledge on IOCs and Threats.
* Follow and develop the Cyber Security Incident Response Process and Playbooks.
* Apply Cyber Security Incident Prioritisation Criteria to classify and rate Incidents.
* Define and coordinate countermeasures to mitigate Threats and support action plans in response to Incidents.
* Ensure confidentiality and discretion when dealing with multiple clients.
* Run Vulnerability Assessment tools to measure compliance with security updates and patches.
* Contribute as a team member performing multiple daily CSOC checks to detect and respond to suspicious activity or alerts.
* Record events and actions during a Cyber Security Incident accurately to enable effective handovers during shift changes.
* Continuously improve CSOC processes and collaborate with stakeholders from other technology stacks to contribute to Incident Response. Perform tabletop scenarios and derive lessons learned.
What does Leidos need from me?
* Experience of Sentinel, Microsoft XDR and Microsoft Defender variants, and Elastic Security, or aptitude to learn SIEM technologies.
* Experience and knowledge of SIEM tools, Cyber Security Incident Response, Vulnerability Management and Cyber Threat Intelligence.
* Experience investigating Cyber Security incidents and supporting root cause analysis or transferable skills to learn and excel.
* Understanding of the Confidentiality, Integrity, and Availability (CIA) triad.
* Understanding of trends for malware, ransomware and Advanced Persistent Threats affecting Cloud and On-Premises solutions.
* Experience working within Change Controlled environments.
* Understanding of the OSI 7 network layers and TCP/IP networking.
* Understanding of network and boundary protection controls for Cloud and On-Premises solutions, including Firewalls, ACLs, NSGs, DDoS Protection, VPNs, Mail Gateways, Web Proxies, Load Balancers, WAFs, IPS, and IDS.
Communication and Soft Skills
* Good verbal and written communication for handovers, reports, and documenting events during Incidents.
* Positive, collaborative, and self-motivated with the ability to work with minimal supervision.
* Ability to build strong relationships with customers and internal stakeholders.
* Analytical thinking with the ability to plan and remediate problems.
* Ability to track market trends and stay at the forefront of Cyber Security Technology.
* Ability to manage multiple work streams, prioritise, and escalate as necessary.
* Initiative-taker with the drive to see solutions through to completion.
* Agility and flexibility to cover shifts at short notice to ensure CSOC protection for customers.
Desirable
* Exposure to working on or within HM Government classified systems or programs.
Clearance Requirements
* Due to the nature of the work, candidates must be British and non-dual nationals.
* Candidates must be eligible to hold DV clearance.
* Clearance to start role: SC.
What we do for you
At Leidos we are passionate about customer success, united as a team and inspired to make a difference. We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, while nurturing a healthy work-life balance.
We provide an employment package that attracts, develops and retains top talent. Our reward scheme includes: contributory pension, private medical insurance, 33 days annual leave (including holidays), and access to Flexible benefits (life assurance, health schemes, gym memberships, annual buy/sell holidays, cycle to work).
Flexi-Time Working
Commitment to Diversity
We welcome applications from all parts of the community and are committed to a diverse and inclusive culture. If you have a disability or need reasonable adjustments during the application and selection stages, please let us know and we will respond appropriately.
Who We Are
Leidos UK & Europe – we work to make the world safer, healthier, and more efficient through technology, engineering and science.
Leidos is a growing company delivering innovative technology and solutions focused on safeguarding critical capabilities and transformation in defence, healthcare, government, safety and security, and transportation.
What Makes Us Different: Purpose, Collaboration, and People. We offer flexible work arrangements to enable you to perform your role effectively, whether from home, office, or customer sites.
Come break things (in a good way). Then build them smarter. We solve high-stakes problems with code and a healthy disregard for “how it’s always been done.”
Pay Range
£36,700.00 - £45,900.00