Senior Threat and Response Specialist

**Senior Threat & Response Specialist**
**Job Description**:
**Accountabilities**:

- Lead on, and coordinate, high complexity and severity security incidents, collaborating with internal teams and external agencies, to define and execute incident response plans.
- Undertake technical and forensic analysis of data across a number of systems, sensors and toolsets, against several kinds of attack, including malware, data breach, supply chain compromise and others.
- Identify root causes, risks and control gaps as a result of post-incident analysis, recommend solutions and input these to the appropriate management processes.
- Proactively coordinate with senior technical stakeholders to support embedding good Security awareness, culture and practice across the business.
- Where required, stand for the Head of the Threat & Response as delegate of authority and representative for the Threat & Response function.
- Collaborate with suppliers, customers and senior stakeholders, alongside the Head of Threat & Response, to deliver Threat & Response services, drive improvement and enhance the effectiveness of Security Capabilities.
- Provide technical analysis and interpretation of internal and external landscape, advising and supporting the Head of Threat & Response in embedding the incident response and cyber continuity elements of information security strategy across the organisation.
- Coordinate, oversee and mentor junior Threat & Response colleagues across any of the Threat & Response services, as the most senior technical team member.
- Collaborate with broader Security teams as Threat & Response representative to enable and facilitate assurance, governance and audit activities, such as penetration tests, vulnerability assessments and regular audit activity, including ISO271001, SOCIIand internal audits.
- Support the Security Governance and Assurance teams through participation in risk assessments, security frameworks and security consultancy, to help ensure that sufficient measures are in place to protect the security of Arqiva's business systems.

**Experience/ Expertise**:

- Deeply technical background, mindset and approach.
- Genuine enthusiasm for technology and Cyber Security.
- Adaptability and self-sufficiency.
- Inquisitive and analytical.
- Strong communication, reporting and stakeholder management skills.
- Able to understand technical concepts and scenarios, and translate in clear language for non-technical stakeholders and executives.
- Honest, open and genuine in your interactions with others.
- Deep, tooling-agnostic engineering, architectural and operational expertise, across all key Security platforms, such as VM/SIEM/EDR, and able to transfer knowledge between toolsets.
- Knowledge and experience of working within organisations the implement relevant Cyber frameworks and methodologies, such as MITRE ATT&CK, NIST, ISF, ISO27000.
- Relevant industry qualifications, such as SANS, GIAC, CEH, CCNA, AZ-500.
- Extensive experience of performing technical threat analysis and incident response activities against several kinds of attack, including malware, data breach, supply chain compromise and others.
- Experience in the management and handling of Security incidents, including assessment, categorisation and prioritisation and root cause analysis.
- Familiarity with common attack methodologies and methods used by Cyber threat actors during the threat lifecycle.
- Experience interpreting and actioning Threat Intelligence.
- Experience with both on-prem and AWS and Azure cloud environments and Security solutions.

Carbon60, Lorien, SRG - the Impellam Group STEM Portfolio is acting as an Employment Business in relation to this vacancy.