IT Specialist - Cyber Security

Mott MacDonald

Location: Tyne and Wear

Job Type: Full time
Mott MacDonald are seeking a Security Engineer with a strong background in threat hunting and incident response who will be working closely with our Security Operations Centre (SOC) and Security Operations (SO) teams.

As a vital member of our cyber security team, you will play a critical role in ensuring the security of our digital infrastructure and data.

Job Description

Key Responsibilities and Accountabilities

Proactive Threat Hunting:

  • Continuously identify and hunt for security threats within our network and systems. Utilise advanced threat hunting techniques and tools to uncover potential risks.
  • Develop, customise, and maintain threat hunting playbooks that outline standardised procedures for investigating various types of threats. These playbooks will help ensure consistent and effective threat response.

Threat Intelligence:

  • Stay abreast of the evolving threat landscape, emerging attack tactics, and vulnerabilities.
  • Evaluate new MITRE ATT&CK tactics and techniques against existing architecture and configurations.
  • Produce reports and communications on the latest threats for a variety of audiences.
  • Apply threat intelligence to enhance detection and response strategies for both insider risks and external threat actors.

Security Tool Development and Management:

  • Manage and maintain various security tools and technologies, ensuring they are up-to-date and optimised for threat detection.
  • Work with penetration testers and prioritise vulnerability assessment outputs.

Reporting and Documentation:

  • Create detailed reports on threat hunting activities, incidents, and vulnerabilities.
  • Maintain thorough documentation of procedures and findings.

Risk Management:

  • Work with Risk Managers to ensure weaknesses and threats are documented, prioritised appropriately, and remediated.

Candidate Specification:

Formal Education and Certification:

  • Bachelor's degree or equivalent work experience.
  • Relevant certifications such as CISSP or CCSP are preferred.
  • Has, or is eligible for, UK Security Clearance (SC).

Knowledge and Experience:

  • Proven experience in threat hunting and incident response, with a minimum of 2 years in a similar role with a large multinational organisation.
  • Broad experience in a wide variety of IT systems.
  • Experience with Microsoft and Azure security tools and controls.
  • Understanding of modern cloud and network technologies.
  • Good understanding of network architecture and defence by design.
  • Proficiency in scripting and programming (e.g., Python, PowerShell) and a broad range of technical skills.
  • Strong understanding of ransomware attack techniques and mitigation strategies.
  • Worked within Frameworks NIST, Cyber Essentials, ISO 27001 and NCSC CAF.
  • Worked with CIS benchmarks.

Personal Attributes:

  • Excellent interpersonal skills: writing, speaking, listening, persuading, influencing and collaborating.
  • Superior analytical, evaluative, and problem-solving abilities.
  • Ability to convey complex technical concepts to non-technical stakeholders.
  • Ability to learn new things quickly, to thrive on change, navigate ambiguity, and to strive for continuous improvement.
  • Ability to develop and maintain a workplan.