Identify patterns and behaviours related to threat actors and propose improvements to detection and protection capabilities
Ability to communicate complex cyber-attacks to technical and non-technical audiences with recommended mitigating actions
Perform post incident lessons learned, root cause analysis and incident reporting
Conduct threat hunting across a large range of security solutions and products
Lead and support Digital Forensics investigations and produce technical findings reports
Support team in driving continual improvements in incident response and threat detection

Security incident response, coordination, communications, mitigation, and remediation
Experienced and hardworking Cyber Security Professional, specializing in Security Incident Response & Security Operations with a minimum of 3 years' experience within a SOC or CSIRT Function
Identification of threats through to resolution/mitigation, providing clear and significant communication
Document security incidents both for reporting and case study perspective
Conduct malware analysis to determine capabilities and aid the response of an incident
Digital Forensics experience across open source and commercial tools with knowledge of industry standard process and methodology
Good interpersonal and communication skills
Ability to provide technical mentorship to both technical and non-technical audiences
Endpoint and network-based analysis (EDR, WAF, IDS/IPS, NGFW, Network Anomaly etc.)
An in-depth knowledge of Windows and/or Linux/Unix & understanding of networking and common protocols
Experience with Microsoft Azure Cloud Security products
Intelligence lead threat hunting and methodology
Ability to hunt for known and unknown threats
Any sector specific knowledge will also be helpful, an MSSP customer base covers many different sectors
Disassembly (low level programming language)/ reverse engineering experience will be helpful

Manager – CSIRT, Incident Remediation

Key skills