Another great opportunity at Hoist Finance. We’re looking for a Cyber Security professional to join our growing team and drive forward our security strategy. Apply today 👇
Cyber Security Specialist
Reporting to: Cyber Security Operations Manager
The Role:
Cyber attacks have the potential to prevent us from achieving our mission, reaching our financial objectives and meeting our obligations to our customers, our clients and society as a whole.
Reporting to the Cyber Security Operations Manager, the Cyber Security Specialist operates at the forefront of our efforts to protect the business, ensuring that our overall Cyber Security Operations program enables us to successfully detect, respond to and recover from cyber attacks.
Responsibilities:
The Cyber Security Specialist enhances our Security Operations capabilities by undertaking advanced threat hunting activities and incorporating their findings into new detection methods. Using threat intelligence and their own knowledge of attacker TTPs to form hypotheses and inform their activities, they hunt across data from all available sources, including our SIEM and EDR products, to either prove or disprove those hypotheses.
Working with our threat intelligence partner, the Cyber Security Specialist ensures that threat intelligence informs their threat hunting activities and the detection capabilities of the security function.
The Cyber Security Specialist is also responsible for handling security incidents that require deviation from documented remediation methods, or are of a particularly critical nature. They drive efforts to ensure swift and efficient incident resolution and risk mitigation.
They are also responsible for creating and utilizing automation workflows to streamline Security Operations incident response.
Key Deliverables:
• Documented hypothesis-led cyber threat hunts resulting in improved detection capabilities and improved cyber security controls and safeguards
• Critical incident response and management, ensuring appropriate investigation and mitigation activities are taken
• Development of new proactive monitoring use cases and corresponding runbooks for incident detection and mitigation
• Automation of incident management process to ensure swift and efficient incident response and mitigation
• Coordination and documentation of responses to higher-criticality incidents within the security function and in conjunction with relevant business functions
Key Skills:
• Detailed understanding of Security Operations methods, tools and technologies
• Analytical and problem-solving skills to identify threats, patterns and trends
• Expert knowledge of current cyber threat actor tactics, techniques and procedures (TTPs) as per the MITRE ATT&CK framework as well as a good understanding of red-teaming tools and the artefacts they produce when used
• Being able to realistically hypothesise how a threat actor would go about attacking an organisation
• Curation of cyber threat intelligence and using this to better inform cyber security capabilities
• Ability to develop a timeline of how an attack occurred and unfolded, applying this to both threat hunts and when responding to incidents
• Operating system, network, software and hardware fundamentals, especially Microsoft products
• High-level system and network administrative knowledge including an overall understanding of how key services like Active Directory are configured
• Confident in presenting technical concepts and findings to audiences of various levels of technical understanding
• Communication and collaboration with internal and provider teams
Experience Required:
• 3yr+ experience of having worked in a Security Operations environment, responding to and investigating cyber security incidents
• Demonstrable experience of hypothesis-led cyber threat hunts that have led to improved detection and response capabilities
• Experience of analysing and determining the significance of threat intelligence
Relevant Qualifications:
• Appropriate cyber security certifications will be beneficial but are certainly not essential
Location and Working Hours:
* Full‑time position, 37.5 hours per week (Monday–Friday)
* Hybrid working: 2 days per week in our MediaCityUK office (Salford, Greater Manchester)
* On‑call participation required periodically
Salary & Benefits
We offer a competitive salary and a comprehensive benefits package designed to support your wellbeing, lifestyle and long‑term growth, including:
* Hybrid working, including time each week in our MediaCityUK office to collaborate and connect
* Free car parking at MediaCityUK
* Enhanced maternity and paternity pay
* Electric car scheme
* Nursery benefit
* Company pension
* Buy/sell holiday options
* Access to a wide range of retail, lifestyle and leisure discounts
* Private Medical Insurance (PMI)
* Health cash plan
* Life assurance
* Regular social events and team activities
* The chance to work with an amazing, friendly and collaborative team