Role Title: Cyber Security Incident Responder

Business Area: Security Services

About This Role:

The Security Operations Centre (SOC) houses the cyber security team responsible for monitoring and analysing an organisation's security posture on an ongoing basis. The SOC team's goal is to provide 24x7x365 capabilities to detect, analyse, and respond to cyber security incidents using a combination of technology solutions and a strong set of processes. The SOC staff work closely with the Network Operations Centre (NOC) team to ensure security issues are addressed quickly upon discovery.

Why This Role:

The Cyber Security Incident Responder will work with existing skilled IT Security staff, responding to cyber security threats in as near real-time as possible. An up-to-date understanding of relevant IT networks, security standards, authentication protocols, and security-related hardware and software within the organisation is vital.

Expectations From The Role:

- Administer and optimise Microsoft Defender for Endpoint and Defender for Cloud configurations to ensure consistent security baselines across on-premises and cloud environments.
- Implement and maintain Microsoft Purview configuration policies to support data governance, compliance, and information protection strategies.
- Collaborate with IT, legal, compliance, and other key stakeholders to align configuration management practices with organisational policies and regulatory requirements.
- Coordinate with key stakeholders to conduct investigations of cyber incidents or other security incidents, utilising various tools and sources to reverse engineer malware and identify attack vectors, in order to provide an accurate account.
- Conduct regular reviews of Defender and Purview configurations to identify misconfigurations, enforce best practices, and mitigate security risks.
- Perform intelligence-driven investigative analysis.
- Define and coordinate cyber incident response testing to assess capabilities and breach preparedness.
- Create and maintain the forensic and incident management policies that govern the handling of incidents.
- Conduct research on the latest threats and the latest technological advancements in combating unauthorised access to information.
- Perform threat hunting within the corporate environments to detect historic or active malicious/unauthorised activity.
- Publish official reports and executive summaries for all major cyber incidents.
- Identify and create appropriate controls within the SIEM and other security solutions to prevent and detect security incidents.
- Develop innovative monitoring and detection solutions using tools and advanced scripting.
- Engage with other internal and external parties to obtain and share information that improves processes and security posture.
- Carry out detailed forensic analysis during a major incident response.
- Support the wider analyst team with deeper analysis of complex security events and incidents.

Requirements For A Successful Application:

- Passionate and professional security mindset.
- Strong customer service skills to follow up with clients and handle escalations.
- Capability to ensure confidentiality and discretion in performing sensitive tasks.
- An understanding of cyber-attack techniques, vulnerabilities, and countermeasures.
- Technical knowledge of Information Technology and Cyber Security standards.
- Expert knowledge of SIEM platforms, IT forensics, and real-time endpoint inspection tools.
- Previous experience in handling incident response and forensic analysis.
- Understanding of the MITRE ATT&CK framework.
- Simulation of active exploits and their detection.
- Strong understanding of SIEM and UEBA.
- Strong knowledge of scripting languages such as Python and PowerShell.
- Working knowledge of cloud technologies.
- Working knowledge of forensics tools such as EnCase, Sleuth Kit, Redline, and FTK Imager.
- 3-4 years of experience in the information security field.
- 2+ years of experience in incident handling.
- 1+ year of experience in forensics.
- Education: Bachelor's Degree or equivalent preferably.
- English: fluent.

Others:

Job schedule: Business Hours, Monday-Friday (On Call)

We are committed to creating an inclusive and supportive work environment. If you require any reasonable adjustments during the application or interview process, please let us know, and we will work with you to meet your needs.