3 of 3 Permanent Cyber Kill Chain Jobs in the South East

In a nutshell The principal purpose of the role is to identify, contain, eradicate, and recover from information security incidents. Assisting the Information and Cyber Security Management team in implementing improvement initiatives that increase our maturity across our Threat Management capabilities. The role will require extensive Incident Response experience … to day Development of the tools and processes to establish and improve the threat hunting program. Keeping an up-to-date understanding of the cyber threat landscape through threat intelligence and industry research. Define and design new security use cases and alerts to identify evolving attack scenarios. Participate in … desirable. Forensics experience desirable but not essential. Good knowledge of information security frameworks such as NIST, ISO2700 series, PCI/DSS, GDPR and emerging cyber and aviation security standards. Demonstrable experience in a similar senior security operations role. Demonstrable experience of leading incident response activities through the entire lifecycle. More ❯

lead and mentor a team of developers, fostering collaboration, motivation, and a positive work environment. Excellent familiarity with standard security frameworks such as MITRE, cyber kill chain and APT campaign strategies. One or more cyber security certifications such as GCIA, GCIH, GCFA, GNFA, CEH, ECSA preferred More ❯

help drive our clients' CTI frameworks and products forward whilst supporting with some of the day-to-day activities. Responsibilities: Lead and support weekly Cyber Threat Intelligence (CTI) activities and reporting. Drive continuous improvement of CTI processes and frameworks. Contribute to the development and enhancement of CTI tools and … CTI teams. Strong knowledge of threat intelligence lifecycle and operational CTI practices. Hands-on experience implementing CTI frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain). Familiarity with CTI platforms (e.g., MISP, OpenCTI, ThreatConnect) and external intelligence sources (e.g., SpyCloud, Recorded Future, etc.). More ❯