Cyber Incident Response Analyst

2019-02-12 16:49:55
Cyber Security Professionals
Job Type: Permanent, Full-time
Area: South West England, UK; Bristol
Sector: Cybersecurity; Information Security
Salary: Negotiable + Package
Start Date: ASAP
Advertiser: Identifi Global

Our client is a global high-tech company and one of the key players in Aerospace, Defence and Security. They are the largest inward investor in the UK defence sector, and one of the biggest suppliers of defence equipment to the UK MoD.

They’re looking for a Cyber Incident Response Analyst specialising in host forensics and malware analysis to join their client’s Cyber Incident Response Team (CIRT). The CIRT delivers specialist technical cyber security services to a range of clients across a variety of industries including construction, government, defence and aerospace.

What will you be doing?
A typical day includes investigating alerts from security appliances on our client’s estates, researching better ways to detect, analyse and respond to emerging threats based on cyber threat intelligence and maintaining our core capabilities and services through proper reporting, documentation and process development.

In the event of a confirmed or suspected cyber security incident, you’ll be responsible for advising clients on the best course of action or taking the reins and confidently understanding the extent, impact and possible remedial action, while capturing appropriate intelligence and supporting evidence during an investigation. Response may be conducted remotely or on client site.

You’ll also have the opportunity to get involved in our consulting engagements, which might see you training our clients on-site in best practice for cyber response, conducting investigations or supporting our cyber consulting team as a technical specialist.

Your key responsibility areas will include:

  • Reporting directly to the Senior Cyber Incident Response Analyst, supporting the professional delivery of all Cyber Incident Response services
  • Acting as the subject matter specialist in malware analysis for threat intelligence or during an ongoing incident
  • Advising clients on how to best respond to any given incident, from boardroom to boots-on-the-ground
  • Advising clients on how to best implement mitigation measures which might prevent or limit future incidents
  • Providing specialist cyber knowledge to clients and to the internal team
  • Conducting threat hunting across available security devices and through operating system native or custom tooling and capability
  • Developing threat intelligence such as the creation of YARA, OpenIOC and Snort signatures from the analysis of malware samples and output of incident investigations

Why Should You Apply?
We offer fantastic opportunities for learning, development and professional growth. As a team, we dedicate time to research projects and encourage our specialists to get involved in the InfoSec community in Bristol and beyond, promoting sharing and constant development.

We want to support you and encourage you to fulfil your potential through:

  • Flex-leave schemes: We offer our employees the time and flexibility they need to enjoy a balanced life
  • Annual leave: We offer 25 days holiday plus 8 bank holidays
  • Supportive relocation package: to make your move to Bristol even more attractive
  • Award-winning pension scheme: Our multi-award-winning pension scheme includes generous employer contribution
  • Employee discount schemes: We offer you and your family an attractive range of discounts from retail and cinema to hotel bookings and vehicle benefits
  • Reserve Forces: We provide positive support to the Reserve Forces and allow employees who are Reservists to take additional time off
  • Free parking: This is available on or near all our sites
  • Salary sacrifice schemes including childcare voucher scheme: We encourage working parents to save money on childcare by offering them several advantageous facilities and vouchers
  • Career break: Where appropriate, we support our employees in pursuing other interests outside the workplace


  • Willing to undertake occasional travel whilst conducting incident response work
  • Hold or be eligible for SC Clearance (minimum)
  • Excellent knowledge of the inner workings of Windows Operating Systems
  • Excellent knowledge of how malware works and experience in tearing it apart to understand its capabilities and draw out actionable threat intelligence
  • Some knowledge of the fundamentals of Unix systems including macOS and Linux distributions (Debian, Ubuntu, CentOS, etc.)
  • Excellent knowledge of host-based investigations including digital forensic principles and practices
  • Ability to create YARA, OpenIOC and Snort signatures
  • Fundamental knowledge of common networking and routing protocols (e.g. TCP/IP) and services (e.g. TLS, DNS, SMTP)
  • Some experience of packet-level analysis, firewall and hypervisor administration, network appliance log analysis and management of network intrusion detection and prevention systems
  • Some knowledge of Cyber Security Incident Response processes and procedures
  • Some knowledge of Cyber Threat Intelligence creation, management and use
  • Some experience in winning commercial bids and delivering technical services
  • Practical programming knowledge or experience in writing scripts in languages such as Python, PowerShell and Bash.

If interested in discussing further, or in having an informal chat, please apply below for further information!
