AddressAbout LRQA Nettitude
Founded in 2003, LRQA Nettitude is an award-winning global provider of cybersecurity services, bringing innovative thought leadership to the ever-evolving cybersecurity marketplace. Through our research and innovation, we provide threat-led services that span technical assurance, consulting, and managed detection and response offerings. #LI-Nettitude
We are driven by a desire to build and deliver the best cybersecurity propositions in the industry and stay abreast of the evolving legislative and regulatory landscape. This helps our clients to prioritize their cybersecurity risks, enabling them to focus on the activities that are core to their business.
We’re part of LRQA
LRQA is a leading global assurance partner, bringing together decades of unrivalled expertise in assessment, advisory, inspection, and cybersecurity services – underpinned by data-driven insights – to help its clients navigate a new era of risk.
Operating in more than 160 countries with a team of more than 6,000 people, LRQA’s award-winning compliance, supply chain, cybersecurity and ESG specialists help more than 61,000 clients across almost every sector to anticipate, mitigate, and manage risk wherever they operate.
The role
Working as a Cyber Incident Response Consultant within our Managed Security Services team, you will provide Incident Response support to both managed and new/emergency customers. You will encounter a wide range of compromises, network environments and security technologies.
You will be working closely with the MSS SOC and SOC Consultancy team, conducting investigations from triage call through to incident completion. You will represent Nettitude’s excellent professional standard to customers while working alongside other NCIRT and Nettitude Consultants. You will have desire and passion to stay up to date with emerging threats, investigate new detections and solutions for customer and NCIRT improvements. Working with a highly motivated team, you will focus on triage, analysis and investigation of suspicious binaries, files, data and logs.
As a member of Nettitude’s Managed Security Service (MSS) team you will provide first class service to both Internal and External Customers, delivering excellence in all areas of your work.
Location
This role is hybrid based within the UK, with a mixture of Home and Office working for collaboration, team building, workshops and clinic days. Travel may be required to customer locations.
We can support working from across the UK. All applicants will require residence in the UK.
What you’ll be doing in your role
In your role as a Cyber Incident Response Consultant, you'll need to:
- As an individual or part of a team, conduct analysis and investigation of cyber security events across Windows, Linux, Cloud and Hybrid environments.
- As an individual or part of a team, conduct digital imaging and forensic investigation tasks on Windows and Linux hosts.
- Conduct initial triage on suspicious artefacts using both commercial and bespoke tools.
- Provide customer training engagements to develop internal and external stakeholder preparedness for dealing with cyber incidents.
- Provide written and verbal reports to the wider IR team, senior business partners (internal and external)
- Conduct ongoing research around the threat landscape, including threat actors, TTPs and develop IR actions, investigation strategies and tooling
- Use KQL based language queries/statements to detect malicious activity, analyse data and perform threat hunting.
- Build and design detections in Microsoft Advanced Threat Protection (ATP) or similar EDR platforms (Crowdstrike/Carbon black).
- Use tools such as KAPE, FTK, Elastic, PowerShell, Python and others for forensic and investigation purposes.
- Easily adapt to change, seek new responsibilities, accept challenges, and thrive in ambiguity.
Key Skills:
The following are strong recommendations and in most cases prerequisites of the role.
- Demonstrably strong incident management and analytical skills.
- Demonstrably strong written and speaking English skills.
- Demonstrably strong understanding of Threat Actor TTP’s.
- Demonstrable ability to work on own projects and within a team.
- Experience with Network Detection and Response solutions
- CREST CRIA or equivalent level IT Security related certification.
- At least 24 months of relevant IT Security industry experience in past 3 years.
- Ability to travel to UK customer locations where requested and non-UK customer locations where mutually agreed.
- Ability to join 24/7 on-call rota where requested.
- Excellent communications and customer facing skills with a positive and proactive attitude towards customer issues
- Excellent Team player
- Full UK Driving License
Desirable:
- Understanding of networking including strong knowledge in IP stack
- Understanding of Server and endpoint technology stacks
- Understanding of common cloud platforms (Azure, AWS, GCP)
- Experience of scripting and/or coding
What we offer:
We are a people-focused, high-performing, high-trust managed security services team. We pride ourselves on our investment in our people, meaning as we are a fast-evolving team in an exciting working environment, you’ll always have opportunities to solve the latest cybersecurity challenges, with the responsibility and development opportunities to match.
Company benefits:
- Constantly updated training & progression plans with multiple tracks of development, supporting lateral movement or upwards progression.
- Yearly wellness day to be spent in the way that works best for you.
- Recognition & rewards for individual, team and department performance
- Performance-based bonus programme
- Generous pension scheme
- A supportive team enabling you to succeed and grow your career.
An attractive remuneration package will be provided. #LI-Nettitude #LI~Nettitude
Apply?
We don’t expect candidates to tick all the boxes, if you feel your skills, knowledge and experience are a good match for the requirements and have a desire to learn and develop, apply now via the ‘apply’ button and upload your C.V. and cover letter.
