Threat Intelligence Analyst/Cyber Defence Engineer-Analyst

***DV Cleared***
Threat Intelligence Analyst/Cyber Defence Engineer/Cyber Defence Analyst
Worcestershire, Wiltshire, Portsmouth (Onsite role)
12 Month contract initially
Rates: Market Rates (Umbrella-PAYE)
We are working with a leading consultancy, a long term client and a market leader in their field. We are looking for a number of Threat Intelligence Analyst's/Cyber Defence Engineer's/Cyber Defence Analyst's to join the team on a great programme of work.
Key Responsibilities:
* Perform system administration on specific cyber defence applications and systems to include installation, configuration, maintenance, troubleshooting, backup and restoration.
* Manage system/server resources including performance, capacity, availability, serviceability, and recoverability.
* Diagnose and resolve customer reported system incidents, problems, and events to ensure continuing operability.
* Coordinate with SOC and CTI Analysts to assist in the development of signatures which can be implemented on cyber defence network tools in response to new or observed threats within the network environment or enclave.
* Responsible for the collection, processing and analysis of information regarding adversaries in cyberspace in order to disseminate actionable Threat Intelligence by understanding adversary motives, capability and modus operandi to inform cyber security measures.
* Conduct external liaison with national military / civilian agencies and analytical coordination within internal organisation on pan-regional / thematic AIRs.
* Curate structured Threat Intelligence data within the organisation's Threat Intelligence Platform (TIP)
* Inform the generation of Operational Technology solutions and Risk Management activities by providing adversary focused input into solution planning.
* Develop and deliver intelligence-led, adversary focused, Threat Hunting across the organisation's Information Systems.
* Provision of technical Cyberspace Intelligence assistance in support of Capability Development work, as directed.
Key Skills / Experience:
Previous experience of Enterprise ICS/network architectures and technologies.
* Working with frameworks and technologies that support data-intensive distributed applications.
* Experience maintaining and administrating data analytical and SIEM platforms.
* Experience using host and network-based IDS/IPS
* Experience using packet capture solutions.
* Skill in developing and deploying signatures.
* Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
* Ability to provide technical and service leadership to junior SOC Engineers (mentor/coach).
* Skill in writing, reviewing and editing cyber-related intelligence/assessment products from multiple sources.
* Skill in using multiple search engines and tools to conduct non-attributable open-source research.
* Experience of providing current intelligence support to critical internal/external stakeholders as appropriate.
* Ability to think like threat actors.
* Skill in tailoring analysis to the necessary levels (e.g., classification and organisational).
Desirable Qualifications/Certifications:
* Red Hat System Administration I & II (RH124/RH134).
* Baseline Cyber Courses E.g. Cyber Foundation Pathway, SANS SEC 301 Intro to Information Security, SANS 401 Security Essentials Bootcamp.
* Certified engineer in a market leading data analysis/SIEM platform.
* SANS SEC501 Advanced Security Essentials Enterprise Defender.
* SANS SEC 511 Continuous Monitoring & Security Operations.
* SANS SEC555: SIEM with Tactical Analytics.
Knowledge of wireless technologies (e.g. cellular, satellite) to include the basic structure, architecture, and design of modern wireless communications systems.
* Knowledge of cyber threats and vulnerabilities.
* Knowledge of cyber intelligence / information collection capabilities and repositories.
* SANS FOR578: Cyber Threat Intelligence
* SANS SEC497: Practical Open-Source Intelligence (OSINT)
* SANS SEC587: Advance Open-Source Intelligence(OSINT) Gathering and Analysis
This is a fantastic opportunity on a great programme of work.
Apply now for your CV to reach me directly and we will reply as soon as possible.
Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.