Unfortunately, this job is not active.

Threat and Vulnerability Analyst in London

Threat and Vulnerability Analyst        Location:... Salary:... Opening Date: 06/06... Closing Date: 04/07/2018                                                                                                         

Job description

Threat and Vulnerability Analyst     


Location: London

Opening Date: 06/06/2018

Closing Date: 04/07/2018                                                                                                         


Job purpose: Support the management and ownership of security services and operations within Thomas Cook.


Key accountabilities:

  • Perform threat identification and vulnerability management duties across the Thomas Cook Group networks
  • Maintain a Compliance/Vulnerability Assessment (VA) Scanning Capability. Conduct routine scanning of infrastructure and network elements
  • Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyse reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
  • Ability to performing Red team exercises
  • Knowledge of malware packing and obfuscation techniques
  • Ability to automate tasks using a scripting language (Python, Perl, Ruby, etc)
  • Experience in writing POC exploits and creating custom payloads
  • Highly capable with system exploits, network exploits and/or web application exploitation
  • Familiarity with common reconnaissance, exploitation, and post exploitation frameworks
  • Responsible for ensuring vulnerability scanning toolsets and operational services are fit for purpose
  • Responsible for compiling, disseminating and tracking security vulnerability and threat notifications to internal teams and third party suppliers.
  • Support enhancement, improvement and delivery of threat analysis and vulnerability management processes and procedures to reduce risk
  • Responsible for fine-tuning vulnerability management toolsets to provide maximum benefit and reduce overall company cyber risk


Skills experience:

  • Theoretical and practical knowledge in the following areas:
    • Unix, Linux, Windows, etc. operating systems
    • Well-known networking protocols and services (SFTP, HTTP, SSH, SMB, LDAP, etc.)
    • Exploits, vulnerabilities, network attacks
    • Packet analysis tools (tcpdump, Wireshark, ngrep, etc.)
    • Regular expressions
  • Extensive understanding of cryptographic concepts and applied cryptography
  • Experience in malware analysis, reverses engineering and forensic tools will be a massive advantage.
  • Proven experience in Nessus, OpenVAS, Qualys or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations.
  • Strong analytical skills, capable of analysing complex technical information to identify patterns, trends and linkage.
  • Previous experience within vulnerability management
  • Excellent written and verbal skills, with the ability to translate complex concepts into easily understood principals.
  • The ability to pro-actively identify cross-functional threats and vulnerabilities
  • Previous experience writing vulnerability management procedures
  • Penetration testing experience is essential
  • Detailed understanding of ITIL principals
  • The ability to work across various cultures internationally


Technical / professional qualifications:

  • MSc in Cyber /Network Security or relevant work experience
  • OSCP
  • OSCE
  • GPEN, or similar certification preferable

Extra information

Full UK/EU driving license preferred
Car Preferred
Must be eligible to work in the EU
Cover Letter Required

Register now!

Do you want to apply within one click and stay up to date on the newest vacancies that suit you? Signup as a student!

Sign up for free