IT Specialist - Cyber Security
Tyne and Wear
Full time
Mott MacDonald are seeking a Security Engineer with a strong background in threat hunting and incident response who will be working closely with our Security Operations Centre (SOC) and Security Operations (SO) teams.
As a vital member of our cyber security team, you will play a critical role in ensuring the security of our digital infrastructure and data.
Job Description
Key Responsibilities and Accountabilities
Proactive Threat Hunting:
- Continuously identify and hunt for security threats within our network and systems. Utilise advanced threat hunting techniques and tools to uncover potential risks.
- Develop, customise, and maintain threat hunting playbooks that outline standardised procedures for investigating various types of threats. These playbooks will help ensure consistent and effective threat response.
Threat Intelligence:
- Stay abreast of the evolving threat landscape, emerging attack tactics, and vulnerabilities.
- Evaluate new MITRE ATT&CK tactics and techniques against existing architecture and configurations.
- Produce reports and communications on the latest threats for a variety of audiences.
- Apply threat intelligence to enhance detection and response strategies for both insider risks and external threat actors.
Security Tool Development and Management:
- Manage and maintain various security tools and technologies, ensuring they are up-to-date and optimised for threat detection.
- Work with penetration testers and prioritise vulnerability assessment outputs.
Reporting and Documentation:
- Create detailed reports on threat hunting activities, incidents, and vulnerabilities.
- Maintain thorough documentation of procedures and findings.
Risk Management:
- Work with Risk Managers to ensure weaknesses and threats are documented, prioritised appropriately, and remediated.
Candidate Specification:
Formal Education and Certification:
- Bachelor's degree or equivalent work experience.
- Relevant certifications such as CISSP or CCSP are preferred.
- Has, or is eligible for, UK Security Clearance (SC).
Knowledge and Experience:
- Proven experience in threat hunting and incident response, with a minimum of 2 years in a similar role with a large multinational organisation.
- Broad experience in a wide variety of IT systems.
- Experience with Microsoft and Azure security tools and controls.
- Understanding of modern cloud and network technologies.
- Good understanding of network architecture and defence by design.
- Proficiency in scripting and programming (e.g., Python, PowerShell) and a broad range of technical skills.
- Strong understanding of ransomware attack techniques and mitigation strategies.
- Worked within Frameworks NIST, Cyber Essentials, ISO 27001 and NCSC CAF.
- Worked with CIS benchmarks.
Personal Attributes:
- Excellent interpersonal skills: writing, speaking, listening, persuading, influencing and collaborating.
- Superior analytical, evaluative, and problem-solving abilities.
- Ability to convey complex technical concepts to non-technical stakeholders.
- Ability to learn new things quickly, to thrive on change, navigate ambiguity, and to strive for continuous improvement.
- Ability to develop and maintain a workplan.