Job Description
Location
We operate a flexible, hybrid working environment with the candidate required to travel to either our Winchester or London office once or twice a week.
We offer
- Competitive salary
- 10% Bonus
- 6% pension contribution
- Private Medical
- 25 days annual leave
- Access to our comprehensive flexible benefits including discounts on big brands, wellness and employee assistance programmes, gymflex, buy and sell annual leave, travel and dental insurance
- Work. Life. Smarter. Our commitment to a flexible and hybrid working culture
Profile
As Threat & Response Specialist, you will be responsible for monitoring Arqiva’s internal and external Cyber threat landscape and defending it from Cyber threats and attacks. You will perform a range of reactive and proactive technical activities across several critical defensive functions, including SIEM Monitoring, Vulnerability Management, Incident Response and Analysis, Threat Intelligence and others.
You will work within Arqiva’s CSIRT and report into the Head of Threat and Response, working closely with the broader Security team, and other technical teams across Arqiva, to deliver and mature Arqiva’s Cyber Defence functions, services and capabilities.
You will be a recognised expert in Cyber Defence and will have experience in defending complex organisations and environments from threat actors of high capability. Ideally you will have some experience with Critical National Infrastructure, OT environments, and/or the Broadcasting industry.
Please note that the successful candidate will be required to successfully undergo UK Security Clearance and must have been resident within the UK for at least five years.
This role includes the requirement to be part of an on-call out of hours support rota.
Key Responsibilities
- Perform technical triage and analysis of Security events and incidents across several defensive tools and sensors including EDR, IDPS and SIEM.
- Define, review and continuously improve configurations and security analytics.
- Undertake deep-dive forensic analyses of security artifacts, including malware, packet captures, data packages and others.
- Define the responses required against confirmed Security incidents and lead and coordinate response efforts across technical resolver teams.
- Manage Security incident response via ticketing and case management solutions, documented reports and collaboration tools.
- Review and process onboarding requests for key Security tools, such as SIEM and VM.
- Perform regular and ad-hoc vulnerability scans and interpret their reports.
- Review and assess threat and vulnerability intelligence and data, identifying the criticality and required response.
- Review and analyse phishing reports and emails to identify malicious email attacks.
- Collect and analyse Threat Intelligence to define response requirements including tooling enhancements and other proactive activities.
- Define, review and maintain the Security Response documentation set, such as playbooks, operating models and processes.
- Coordinate with stakeholders of varying seniority and technical background as an authoritative representative of the Threat & Response function.
Key Attributes & Experiences
- Technical background, mindset and approach.
- Genuine enthusiasm for technology and Cyber Security.
- Adaptability and self-sufficiency.
- Inquisitive and analytical.
- Strong communication, reporting and stakeholder management skills.
- Able to understand technical concepts and scenarios, and translate them into clear language for non-technical stakeholders and executives.
- Honest, open and genuine in your interactions with others.
- Tooling-agnostic expertise, able to transfer knowledge between toolsets.
- Knowledge and experience of working within organisations that implement relevant Cyber frameworks and methodologies, such as MITRE ATT&CK, NIST, ISF, ISO27000.
- Relevant industry qualifications, such as SANS, GIAC, CEH, CCNA, AZ-500.
- Extensive experience of performing technical threat analysis and incident response activities against several kinds of attack, including malware, data breach, supply chain compromise and others.
- Experience in the management and handling of Security incidents, including assessment, categorisation and prioritisation and root cause analysis.
- Hands-on experience designing, building or driving Security tooling such as SIEM, EDR/XDR, UEBA, VM, IDPS, WAF.
- Familiarity with common attack methodologies and methods used by Cyber threat actors during the threat lifecycle.
- Experience interpreting and actioning Threat Intelligence.
- Experience with both on-prem and AWS and Azure cloud environments and Security solutions.
Why join Arqiva? We are the undisputed leader in UK TV and radio broadcast, and the UK’s leading Smart utilities platform. This means we have a strong heritage and foundation for future growth for you to grow your career with us.
Our journey is to transition global media distribution to cloud solutions, where we aim to double our revenue and continue to grow by being an innovator of scalable solutions for new connectivity sectors. We have opportunities in new technology applications and products, and you will have opportunities to learn and develop with us.
Your wellbeing… Our wellbeing mission is to help our people to be the best version of themselves at work and still have the time and energy to live a full life outside of work.
Our focus for 2024 is to Win, Grow, Go Faster – find out more, contact us and apply!
Inclusive Arqiva… Our networks include our Diversity Ambassadors, Eldercare, Spectrum, Working Families, Pride, Veterans and Inspiring Women – join and contribute to our active networks!