Unfortunately, this job is not active.

Threat and Vulnerability Analyst in London

Threat and Vulnerability Analyst        Location:... Salary:... Opening Date: 06/06... Closing Date: 04/07/2018                                                                                                         

Job description

Threat and Vulnerability Analyst     

 

Location: London

Salary: COMPETITIVE
Opening Date: 06/06/2018

Closing Date: 04/07/2018                                                                                                         

 

Job purpose: Support the management and ownership of security services and operations within Thomas Cook.

 

Key accountabilities:

  • Perform threat identification and vulnerability management duties across the Thomas Cook Group networks
  • Maintain a Compliance/Vulnerability Assessment (VA) Scanning Capability. Conduct routine scanning of infrastructure and network elements
  • Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyse reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
  • Ability to performing Red team exercises
  • Knowledge of malware packing and obfuscation techniques
  • Ability to automate tasks using a scripting language (Python, Perl, Ruby, etc)
  • Experience in writing POC exploits and creating custom payloads
  • Highly capable with system exploits, network exploits and/or web application exploitation
  • Familiarity with common reconnaissance, exploitation, and post exploitation frameworks
  • Responsible for ensuring vulnerability scanning toolsets and operational services are fit for purpose
  • Responsible for compiling, disseminating and tracking security vulnerability and threat notifications to internal teams and third party suppliers.
  • Support enhancement, improvement and delivery of threat analysis and vulnerability management processes and procedures to reduce risk
  • Responsible for fine-tuning vulnerability management toolsets to provide maximum benefit and reduce overall company cyber risk

 

Skills experience:

  • Theoretical and practical knowledge in the following areas:
    • Unix, Linux, Windows, etc. operating systems
    • Well-known networking protocols and services (SFTP, HTTP, SSH, SMB, LDAP, etc.)
    • Exploits, vulnerabilities, network attacks
    • Packet analysis tools (tcpdump, Wireshark, ngrep, etc.)
    • Regular expressions
  • Extensive understanding of cryptographic concepts and applied cryptography
  • Experience in malware analysis, reverses engineering and forensic tools will be a massive advantage.
  • Proven experience in Nessus, OpenVAS, Qualys or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations.
  • Strong analytical skills, capable of analysing complex technical information to identify patterns, trends and linkage.
  • Previous experience within vulnerability management
  • Excellent written and verbal skills, with the ability to translate complex concepts into easily understood principals.
  • The ability to pro-actively identify cross-functional threats and vulnerabilities
  • Previous experience writing vulnerability management procedures
  • Penetration testing experience is essential
  • Detailed understanding of ITIL principals
  • The ability to work across various cultures internationally

 

Technical / professional qualifications:

  • MSc in Cyber /Network Security or relevant work experience
  • OSCP
  • OSCE
  • GPEN, or similar certification preferable

Extra information

Status
Closed
Location
London
Full UK/EU driving license preferred
No
Car Preferred
No
Must be eligible to work in the EU
No
Cover Letter Required
No