Schroders London, UK
Oct 18, 2017
Full time
Overview of role

The Global Cyber Risk Operations group is currently looking for a Senior Cyber Incident Response Analyst, based in the London head office, to be responsible for escalation and lead investigation of cyber security incidents within established Service Level Agreements. The role involves performing daily operational real-time monitoring and analysis of security events from multiple sources, including but not limited to events from Security Information Monitoring tools, network and host-based intrusion detection systems, network infrastructure logs, system logs (Unix & Windows), applications and databases. When security incidents have been identified, the senior analyst will need the appropriate knowledge to conduct computer forensic analysis, data recovery, eDiscovery, and other IT investigative work.

Additional responsibilities will include performing documentation review and improvement, attending meetings as needed, and serving as front-line response for troubleshooting low-level engineering issues as needed.

- Collaboration with IT technical teams for issue resolution and mitigation
- Documentation of actions taken for audit, regulatory and legal purposes within the approved event tracking system
- Communicating and escalating issues and incidents as required by process or management
- Collaboration with IT technical teams to deliver Information Security service improvements through the project life cycle

The Global Computer Security Incident Response Team (CSIRT) is a 24x7, follow-the-sun operation with members in key geographical locations. This person will be required to cover UK shift rotational days between 08:00 and 18:00, Monday to Friday.
Essential Skills

- A sound understanding of TCP/IP and networking concepts
- Solid and demonstrable comprehension of Information Security, including malware, emerging threats, attacks, and vulnerability management
- Host-level forensics
- Strong deductive reasoning, critical thinking, problem solving, and prioritisation skills
- Experience assisting the development and maintenance of tools, procedures, and documentation for the Computer Security Incident Response Team (CSIRT)
- Customer service, including the resolution of customer escalations, incident handling, and response
- Subject matter expert (SME) in one or multiple areas such as Windows, Unix, firewalls, intrusion detection, threat detection analysis, or computer forensics
- Ability to think strategically, work with a sense of urgency and pay attention to detail
- Ability to follow detailed process and procedure documentation
- Ability to present complex solutions and methods to the general community
- Demonstrated ability to be reliable and flexible
- Excellent written and verbal communication and organisational skills
- Outstanding work ethic
- Strong team player who collaborates well with others to solve problems and actively incorporates input from various sources
- Understanding of network design principles and knowledge of the OSI model
- Ability to rapidly find, assimilate and correlate information correctly while under pressure
- Network, Security, or Platform certification(s) (S+, N+, MCSP, CNA)
- One or more of the following: SANS GIAC, GCIA or GCIH certification and/or CISSP, CISM
- Experience working on global teams across time zones, cultures, and languages

Desirable Skills

- Working knowledge of malware forensic technologies
- Working knowledge of malware sandboxing technologies
- Working knowledge of vulnerability management products
- Working knowledge of UNIX/Linux
- Working knowledge of SQL queries

Schroders is an equal opportunities employer and welcomes applications regardless of sex, marital status, ethnic origin, sexual orientation, religious belief or age.

Note to Agencies: Schroders does not accept speculative CVs from agencies. We do have a PSL who are invited to support us when required. We only pay fees to agencies instructed to send CVs, where those CVs are submitted through our recruitment portal. We do not pay fees on speculative or unsolicited CVs sent to Schroders or Schroders employees, and we reserve the right to directly contact candidates whose CVs were sent unsolicited.