Job Description:
Job information
Cyber Security Threat Hunter at the company Aveva. This Cyber Security Threat Hunter job vacancy is located in the city of London, in the United Kingdom. The opening is available to job seekers whose latest education level is GCSE. Job vacancies in this Cyber field have been opened and published up to the specified time.
Job Responsibility:
AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life - such as energy, infrastructure, chemicals and minerals - safely, efficiently and more sustainably. We're the first software business in the world to have our sustainability targets validated by the SBTi, and we've been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We've also recently been named as one of the world's most innovative companies. If you're a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers. For more information about our privacy policy and how to manage cookies, visit our Privacy Policy.

The Job
The Cyber Security Threat Hunter will assist the Cyber Threat Hunter Manager and the Head of Cyber Threat Intelligence & Hunting, and work closely with other Cyber Security Threat Hunters, the Cyber Threat Intelligence Team, DFIR Team, Red Team, and Digital Security team to proactively hunt and mitigate the known and unknown cyber security threats used by threat actors. The Cyber Security Threat Hunter is focused on both proactive and reactive cyber threat hunting operations across AVEVA networks to continuously identify and disrupt the adversary while consistently improving the detection capability and efficiency of AVEVA's security solution controls.

Responsibilities
Primary Duties
- Assist in identifying and tracking threat actor groups and their techniques, tools, and procedures (TTP) while maintaining current knowledge of the tools and best practices of Advanced Persistent Threats (APT).
- Perform proactive and reactive cyber threat hunting activity using cyber threat intelligence data, analysis of anomalous log data, and results of collaborative brainstorming sessions to detect and eradicate threats.
- Use the MITRE ATT&CK framework to analyze malicious campaigns and evaluate the effectiveness of security technologies.
- Assist and collaborate with the Cyber Threat Hunter Manager on researching and contributing world-class security techniques and automation for internal use that enable the team to operate at high speed and broad scale.
- Assist the Cyber Threat Hunter Manager in collaborating with AVEVA's Cyber Security Threat Intelligence Team on cyber threat intelligence feeds and solutions to identify threats, prioritize, recommend countermeasures, and perform advanced network & host analysis in the event of a compromise.
- Collaborate with the Cyber Threat Hunter Manager to determine true threats, false positives and network system misconfigurations, and provide recommendations and solutions to detected issues in a timely manner.
- Support Cyber Threat Hunter Manager on development and socialisation of the end-to-end framework and processes for the management of cyber threat hunting services across the group.
- Support collaboration with internal security teams, security programs and third parties to provide data-driven insights into existing and emerging threats.
- Support cyber threat intelligence team to provide threat informed defenses to improve the prioritization of preventative controls and mitigations to improve defenses of AVEVA.
- Support the Cyber Security Threat Hunter Manager in engaging and collaborating with the Red Team to analyze and evaluate the effectiveness of existing security controls against identified TTPs.
- Provide support to DFIR Team on internal security incidents by performing reactive cyber threat hunting activity during investigations and building a common understanding of cyber threat activities.
- Proactively identify, investigate, and provide support on hunting potential attacks and security risks on AVEVA networks and systems using various platform dashboards and cyber threat feeds.
- Develop operations processes, procedures, and checklist documentation, such as the cyber threat hunting process, playbooks, and guidelines.
- Support incident response activity from a cyber threat hunter perspective using the AVEVA-defined Security Incident Response framework, such as NIST.
- Reports to Cyber Threat Hunter Manager and Head of Cyber Threat Intelligence & Hunting on concerning security events, incident trends, residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.
- Works with DFIR Team and any required partners/business functions such as R&D to resolve security events, incidents, and service requests from cyber threat hunting perspective.
- Ensures compliance of security processes and procedures and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained.
- Provide insight on cyber threat intelligence security advisories, blogs, and other communication channels on current and emerging security threats to AVEVA assets and people via the security awareness programme.
- Operate cyber threat hunting reporting service against defined schedule and agreed reporting templates.
- Be available to provide reactive support to critical security incidents outside standard business hours as part of a rota.
Additional Duties
Under the guidance of the Cyber Threat Hunter Manager:
- Assist with control improvements to identify control weaknesses and contribute to threat advisories.
- Participate in security investigations and compliance reviews, as requested by internal or external teams.
- Maintain awareness of applicable regulatory standards, upstream risks, and industry leading security practices.
- Provide feedback and recommendations on existing and new security tools and techniques for the improvement of analysis, hunting, incident investigation and security controls.
- Participate in incident response tabletop exercises and simulations to refine threat hunting and incident response procedures.
- Provide input into the organization's cybersecurity strategy based on threat hunting insights and findings.
- Assist in the development and implementation of threat detection use cases within security tools.
Skills & Qualifications
- Minimum of five years information and cyber security experience as Cyber Security Threat Hunter, Incident Response Analyst or Senior Cyber Security Analyst (SOC Level 3).
- Bachelor's degree in information systems or equivalent work experience in relevant information and cyber security domain.
- Security certification from a recognised organisation such as ISC2, CompTIA, EC-Council, or SANS Institute is an advantage.
- Technology standard certification such as from Cisco, SIEM, Cloud or Microsoft is an advantage.
- Experience using cyber threat hunting platforms and providing reports within the cyber security, geopolitical, or any other security domains.
- Experience in both proactive and reactive cyber threat hunting, as well as in purple team initiatives.
- Excellent understanding of cyber threat attack vectors, threat intelligence frameworks such as MITRE ATT&CK and how they are used, and methods to detect and mitigate them.
- Excellent technical knowledge of Microsoft Operating Systems. Knowledge and experience of Linux and Macintosh.
- Good technical knowledge of:
  - Cyber Security Threat Intelligence
  - Cyber Security Threat Intelligence controls
  - Cyber Security Threat Hunting
  - Network traffic and protocol analysis of security events from network devices, firewalls, intrusion detection and prevention systems
  - Endpoint Detection and Response controls
  - Endpoint protection and anti-malware controls
  - Identity and access management (IAM) systems
  - Email and phishing protection
  - Cloud security, such as Azure or AWS
- Experience using scripting and automation with languages such as PowerShell, Python, YARA & Perl is an advantage.
- Experience in various search or query languages such as SPL, KQL, SQL, and OSQuery is an advantage.
- Experience in writing and converting SIGMA, YARA, Snort or Suricata rules is an advantage.
- Technical experience using Security Information and Event Management (SIEM) and analysing log data.
- Good knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls.
- Knowledge and experience in developing and documenting security processes, plans, procedures, and guidelines.
- Good knowledge and understanding of common information security management frameworks such as MITRE ATT&CK, International Organization for Standardization (ISO) 2700x, ITIL, COBIT, and National Institute of Standards and Technology (NIST) or Center for Internet Security (CIS) frameworks.

AVEVA requires all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, and credit check. Certain positions dealing with sensitive and/or third-party personal data may involve additional background check criteria.

AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business. Come and join AVEVA to create the transformative technology that enables our customers to engineer a better world.
Closed Date : 2024-12-18