
CSIRT Senior Cyber Security Incident Responder

Publish Date:  Sep 15, 2022
Location: 

Birmingham, West Midlands, GB-United Kingdom

Company:  Atos

About Atos

Atos is a global leader in digital transformation with 110,000 employees in 73 countries and annual revenue of €12 billion. European number one in Cloud, Cybersecurity and High-Performance Computing, the Group provides end-to-end Orchestrated Hybrid Cloud, Big Data, Business Applications and Digital Workplace solutions. The Group is the Worldwide Information Technology Partner for the Olympic & Paralympic Games and operates under the brands Atos, Atos|Syntel, and Unify. Atos is a SE (Societas Europaea), listed on the CAC40 Paris stock index.

The purpose of Atos is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.

At Atos, our ambition is to be a diverse and inclusive company where people are truly free to be themselves. They can thrive, achieve their personal goals and innovate without limitations. We welcome everyone to apply.

 

The Opportunity

As a leading Managed Security Services Provider and key business division of Atos, BDS Digital Security are experts in the provision of cyber security products and services to a vast array of clients spanning multiple industry sectors. In support of our growth, BDS Digital Security UK&I are seeking a Senior Cyber Security Incident Responder to support new and existing business.

 

Background

This is a great opportunity for an experienced security professional with Cyber Security Incident Response experience to move into a growth area of the business.

 

Location: 

Primary office location Birmingham (Security Operations Centre) with flexible working.

 

Your Role & Responsibilities

  • Lead cyber security incident response engagements covering incident handling and coordination, in-depth technical analysis, and investigation through to recovery
  • Identify patterns and behaviours related to threat actors and propose improvements to detection and protection capabilities
  • Communicate complex cyber-attacks to technical and non-technical audiences, together with recommended mitigating actions
  • Perform post incident lessons learned, root cause analysis and incident reporting
  • Conduct threat hunting across a wide range of security solutions and products (SIEM, WAF, IPS/IDS, network anomaly detection, AV, EDR)
  • Lead and support Digital Forensics investigations and produce technical findings reports
  • Act as a technical and consultative escalation point for the SOC
  • Play a key role within Purple Team activities
  • Consult post-incident with pre-sales or customers on their wider technology estate and security posture, to support readiness reviews and recommend the best-fit solutions to secure the customer
  • Support and mentor team members, driving continual improvements in incident response and threat detection

Required Technical and Professional Expertise

 

Essential Requirements:

  • Security incident response, coordination, communications, mitigation, and remediation
  • Experienced and hardworking cyber security professional, specialising in security incident response and security operations, with a minimum of 3 years' experience within a SOC or CSIRT function
  • Identification of threats through to resolution/mitigation, providing clear and timely communication
  • Document security incidents, both for reporting and as case studies
  • Conduct malware analysis to determine capabilities and aid the response of an incident
  • Digital Forensics experience across open source and commercial tools with knowledge of industry standard process and methodology
  • Demonstrable ability to manage client interactions
  • Good interpersonal and communication skills
  • Ability to provide technical mentorship to both technical and non-technical audiences
  • Endpoint and network-based analysis (EDR, WAF, IDS/IPS, NGFW, network anomaly detection, etc.)
  • Experience with Microsoft Azure Cloud Security products
  • Intelligence-led threat hunting and methodology
  • Ability to hunt for known and unknown threats and disseminate intel into TECHINT/OPINT for IOC/TTP integration into SOC detection and protection capabilities
  • Support security content generation in rule/signature detection, with an understanding of rule logic, KQL and vendor-specific DevSecOps
  • Any sector-specific knowledge will also be helpful, as an MSSP customer base covers many different sectors
  • Disassembly (low-level programming languages) / reverse engineering experience will be helpful

 

Knowledge:

  • Excellent technical security knowledge of network architecture, IT infrastructure, applications, and systems including an understanding of cloud services such as MS Azure and AWS
  • Industry recognised certification relating to Cyber Security Incident Response (desirable)
  • Offensive Security Certified Professional or equivalent (desirable)
  • GIAC certification in GCFE, GCFA, GCIH or GCIA (desirable)
  • SANS Defensive and DFIR certifications (desirable)
  • ISC2 CISSP (desirable)
  • Solid grasp of any of the following security frameworks: NIST, PCI DSS, ISO 27001 or the CIS Critical Security Controls for Effective Cyber Defence
  • Functional knowledge of incident response and cyber security operations, along with the Cyber Kill Chain, MITRE ATT&CK, NIST CSF, OSINT, TTPs, IOCs, APTs and how best to apply them
  • Understanding of compliance requirements and how these relate to cyber security business practices and controls

 

Behaviours:

  • Ability to remain calm and collected throughout the management and hands-on activities of a security incident
  • Ability to manage time and work to deadlines with strong prioritisation skills
  • Good interpersonal skills and ability to collaborate with multiple teams
  • Ability to understand technical engagements
  • Willingness to learn, question and continually develop

 

What we Offer:

  • Attractive salary
  • 25 days of Annual leave + an option to purchase more through our Flexible Benefits
  • Flex benefits system: an exciting opportunity to choose your own benefits
  • Retail discounts
  • Pension: matching contribution up to 10%
  • Private Medical Scheme
  • Life Assurance
  • Enrolment in our Share scheme, subject to scheme eligibility criteria
  • Unlimited opportunities to learn on our training platforms

 

Here at Atos, we want all of our employees to feel valued, appreciated, and free to be who they are at work. Our employee lifecycle processes are designed to prevent discrimination against our people regardless of gender identity or expression, sexual orientation, religion, ethnicity, age, neurodiversity, disability status, citizenship, or any other aspect which makes them unique. Across the globe, we have created a variety of programs to embed our Atos culture of inclusivity, and work hard to ensure that all of our employees have an equal opportunity to contribute and feel that they are exactly where they belong.