Address
SalaryUp to £115k per annum
**Hybrid home/office model**
Sponsorship - NOT AVAILABLE
The Company
A world-leading provider of market infrastructure that provides clients with access to global financial and commodities markets.
The Role
You will lead the firm's purple teaming function and ensure the firm is well-positioned to prevent and detect modern cyber-attacks. You will ensure tools are fit for purpose through the delivery of threat-led sprints, and the creation or customisation of attack detection rules.
The Responsibilities
- Define and execute purple team sprints to improve the firm's ability to prevent and detect modern attacks.
- Simulate both established and emerging attacker TTPs and personally build the respective detection rules and response procedures.
- Identify opportunities to reduce the firm's attack surface using preventative controls.
- Support the deployment and tuning of security-related tooling, particularly toward threat prevention and detection.
- Develop processes for attack surface monitoring and constant validation through automation.
Essential experience
- Practical experience emulating sophisticated cyber-attacks, likely in a purple or red team capacity.
- Deep understanding of modern attacker tools, techniques and procedures.
- Comfortable identifying appropriate telemetry sources to collect, and using these to build custom attack detection rules where out the box capability doesn’t exist.
Desirable experience
- Experience working with a SOC
- Experience using Infrastructure-as-Code to support emulation activities, for example Terraform/Ansible.
- Experience attacking or securing AWS infrastructure.
- Development experience in one or more programming languages, with one of them ideally being python.
