
Security Incident Lead

  • Salary: £0.00 - £60000 per annum plus benefits
  • Contact: James Peck
  • Published: about 1 month ago

Security Incident Lead - Leeds - £60,000

The Bridge IT have partnered with a global organisation to recruit a Security Incident Lead as they look to grow their GIS Security function in 2021.

As a Lead you will be responsible for detecting, preventing and responding to information security threats, performing daily operational monitoring and investigation of information security events to establish their context and criticality. Alongside this you will maintain information security technologies and processes and protect sensitive data.

Role Responsibilities:
* Collects and analyzes log data and forensic artifacts to determine security risks or compromised systems
* Conducts security risk assessments and compliance audits and makes recommendations regarding levels of risk by identifying potential information and network security vulnerabilities
* Develops, maintains and publishes policies and standards related to information systems in order to mitigate risk and influence user behaviors
* Implements security design plans which emphasize defense in depth principles and promote monitoring and detection of threats
* Enforces/monitors security standards, procedures, techniques and guidelines
* Provides technical guidance/consultation related to information security issues
* Leads security incident investigations and post-incident review meetings
* Performs product evaluations on select security products and services
* Implements upgrades, repairs, and modifications to information systems assets supporting the security function
* Researches new and emerging threats to gain insight and understanding of the evolving threat landscape for SIEM use case development and threat hunting
  * Ability to summarize research with an emphasis on risk and mitigation
* Manages the provisioning, deprovisioning and access levels of accounts for system assets
* Performs threat hunting on new and emerging adversaries and develops detection capabilities for enduring protection

Knowledge and Skills Required:
* SIEM (QRadar, McAfee) configuration and management
* Firewall (Palo Alto, Cisco, Checkpoint) and intrusion detection / prevention (Sourcefire, McAfee) architecture and configuration
* Vulnerability scanning tools and reporting (Nessus, QVM, Trustwave, Metasploit)
* Proficient in incident response and management, including basic forensic analysis
* Data analysis and analytical problem solving
* Advanced principles, practices, theories, trends, and methodologies for emerging threats and malicious actors
* Continuous process and technology improvement mindset
* Analyzing and developing security operations standards and procedures
* Partnering with third parties and managing consultant contracts and performance
* Demonstrated experience using scripting tools (PowerShell, Python) and regular expressions for incident investigation, signature development, and data analysis
* Excellent written and verbal communication