We are currently recruiting for a Senior Cyber Threat Analyst to join our innovative and tech focused Threat Hunting Team!
The Threat Hunting team is at the forefront of cyber defence and gets to use the newest technologies and systems. This team protects Aviva by ensuring that security incidents are handled efficiently to minimise impact and reduce risk to the business. The team is based at our Bristol office and we are flexible with location/home working; however, you will be expected to work in the Bristol office once a week post-pandemic.
Your main purpose will be to protect Aviva and its customers from the damage caused by cyber-attacks, along with building new detections, hunts and remediation playbooks to reduce our mean time to detect and respond. As the Senior Cyber Threat Analyst, you will engage with colleagues from across the international Aviva business, using technology and initiatives from the global CISO function and its suppliers. You will be truly valued in the role and we encourage your contribution and cyber domain expertise to Information Security Operations across all of Aviva and its subsidiaries.
This video will help you understand how we do threat hunting at Aviva: https://www.youtube.com/watch?v=tmW60vC0tHE
The focus of this role is:
- Cyber Security Incident Response to stop attacks
- Threat Hunting to discover unknown and undetected threats
- Support the international businesses in improving their defences and analysis of suspicious activity
Responsibilities in the role:
You will evidence your technical abilities and knowledge of security controls, operating systems and networking technologies. Previous work in a security operation centre will demonstrate your incident response credentials. You will have examples of analysing large amounts of data to find anomalous and suspicious behaviour.
- Respond to alerts and incidents from the Global Security Operations Centre, following up on incidents and working with other teams where required
- Threat Hunting for undetected malicious activity
- Identify weaknesses in our defences (people, process or technologies) and highlight these via direct dialogue with specialist teams that support security control operation
- Writing playbooks on how to remediate security incidents, including instructions for containment, eradication and recovery
- Mentoring and coaching others across the security functions
- Supporting the team lead in managing and developing the team
Skills and experience we’re looking for:
- Degree or equivalent experience in information security, computer forensics, information technology or software development (internal applicants with a specific interest in this area may also be considered)
- Knowledge of Information Security regulatory and legislative requirements
- Experience of crafting custom detections or correlations in SIEMs and security tools
- Experience of Windows and Linux Operating Systems
- Experience of using a variety of security tools, including EDR, Proxies, Email Gateways, WAFs, IDS, and Cloud Security tools
- Experience in programming/scripting (Python, PowerShell, Bash, C#, C++, etc.)
- Good understanding of networking
- Good communication skills with the ability to engage with a variety of different people
- Holds GCIH, OSCP, GCFE or equivalent demonstrable experience
- Experience of forensic capture and analysis
- Experience of packet analysis
- Ability to research threat actor TTPs and interpret Threat Intelligence
- Experience of malware/file analysis
- Knowledge of common enterprise devices and applications
- Creation of and/or contributions to open source cyber projects
What will you get for this role?
- Salary up to £50,000 depending on location, skills, experience and qualifications
- Generous defined contribution pension scheme
- Annual performance related bonus and pay review
- Holiday allowance of 29 days plus bank holidays and the option to buy/sell up to 5 additional days
- Up to 40% discount for some Aviva products through “My Aviva Extras” plus discounts for Friends and Family (some exclusions apply)
- Excellent range of flexible benefits to include a matching share save scheme
Working at Aviva
At Aviva, we’re people with a purpose. To be with you today, for a better tomorrow.
We bring this to life by ensuring managing risk is at the heart of the way we all work. We love people who do the right thing for our customers, and our colleagues. We want people who speak up, who take ownership, and who make good decisions.
The way we do this is important too. We’re all about our people – that’s you – so we can be pretty flexible. If you want to work from home some of the time or change your hours so you can pick up your kids or care for someone in your family, we’re very open to that. In fact, we don’t advertise roles as either part or full time, because we know each person has different needs, just as each business area has different needs. So, it’s up to you to discuss working hours during your interview.
We care deeply about being inclusive and that means we encourage applications from people with diverse backgrounds and experiences. We want our employees to bring their whole self to work and that starts with you.
We interview every disabled applicant* that meets the minimum criteria for the job. Once you’ve applied, please send us a separate email stating that you have a disclosed disability and we’ll make sure we interview you.
We’d love it if you could submit your application online. If you require an alternative method of applying, please give Guv a call on 0750 008 7919 or send an email to [email protected] .com .
*As defined in The Equality Act 2010*. By ‘minimum criteria’ we mean you should provide us with evidence which demonstrates that you generally meet the level of competence required and have the qualifications, skills or experience defined as essential to perform the role.
To apply for this job please visit www.cybersecurityjobsite.com.