Threat and Vulnerability Analyst
Opening Date: 06/06/2018
Closing Date: 04/07/2018
Job purpose: Support the management and ownership of security services and operations within Thomas Cook.
- Perform threat identification and vulnerability management duties across the Thomas Cook Group networks
- Maintain a Compliance/Vulnerability Assessment (VA) Scanning Capability. Conduct routine scanning of infrastructure and network elements
- Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyse reports to understand threat campaign techniques and lateral movement, and to extract indicators of compromise (IOCs).
- Ability to perform Red team exercises
- Knowledge of malware packing and obfuscation techniques
- Ability to automate tasks using a scripting language (Python, Perl, Ruby, etc)
- Experience in writing POC exploits and creating custom payloads
- Highly capable with system exploits, network exploits and/or web application exploitation
- Familiarity with common reconnaissance, exploitation, and post exploitation frameworks
- Responsible for ensuring vulnerability scanning toolsets and operational services are fit for purpose
- Responsible for compiling, disseminating and tracking security vulnerability and threat notifications to internal teams and third party suppliers.
- Support enhancement, improvement and delivery of threat analysis and vulnerability management processes and procedures to reduce risk
- Responsible for fine-tuning vulnerability management toolsets to provide maximum benefit and reduce overall company cyber risk
- Theoretical and practical knowledge in the following areas:
  - Unix, Linux, Windows, etc. operating systems
  - Well-known networking protocols and services (SFTP, HTTP, SSH, SMB, LDAP, etc.)
  - Exploits, vulnerabilities, network attacks
  - Packet analysis tools (tcpdump, Wireshark, ngrep, etc.)
  - Regular expressions
- Extensive understanding of cryptographic concepts and applied cryptography
- Experience in malware analysis, reverse engineering and forensic tools will be a massive advantage.
- Proven experience in Nessus, OpenVAS, Qualys or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and misconfigurations.
- Strong analytical skills, capable of analysing complex technical information to identify patterns, trends and linkage.
- Previous experience within vulnerability management
- Excellent written and verbal skills, with the ability to translate complex concepts into easily understood principles.
- The ability to pro-actively identify cross-functional threats and vulnerabilities
- Previous experience writing vulnerability management procedures
- Penetration testing experience is essential
- Detailed understanding of ITIL principles
- The ability to work across various cultures internationally
Technical / professional qualifications:
- MSc in Cyber/Network Security or relevant work experience
- GPEN, or similar certification preferable
- Full UK/EU driving license preferred
- Car Preferred
- Must be eligible to work in the EU
- Cover Letter Required