Digital Forensics and Incident Response Supervisor

Job number: SP06023

Profession: IT & Information Services

Location: Sellafield, West Cumbria

Contract type: Permanent contract

**Salary**: £53,412 - £58,418

Posting date: 23/09/2024

Closing date: 06/10/2024

Profession: IT Information Services

Digital Forensics and Incident Response Supervisor

Bonus: Up to 10% base salary per annum, based on achievement of Company targets and personal performance.
Location: Sellafield, West Cumbria. Shifts follow a 4 on 6 off pattern. Please note this role attracts a shift allowance of up to £13,629.

Thrive in a connected, considerate culture of innovation and community

At Sellafield Ltd, we are harnessing our expertise; bringing together world-class skills and innovative technology to solve complex nuclear, infrastructure, and engineering challenges. By joining Sellafield Ltd, you join an amazing team of people, from all walks of life, where you can thrive in a connected, considerate culture of innovation, collaboration, and community; and play a significant part in the UK’s sustainable nuclear future.

The future is set to be the most exciting part of Sellafield Ltd’s story. So, there are now more opportunities than ever for our people. This has always been a place where people built long-term careers. Where people enhanced their skills and expanded their opportunities. But today, we offer a uniquely rewarding mix of professional development, career variety and job security.

About the role:

- Key responsibilities:

- Manage and develop a shift team of CSOC Analysts in relation to protective monitoring, incident response, and threat hunting to ensure the delivery of a mature and highly skilled CSOC.
- Lead, co-ordinate and provide technical assurance & escalation for daily investigations performed within the CSOC.
- Develop and enact Digital Forensics capabilities within CSOC relating to escalated investigations, threat hunting and incident response to deliver cyber threat detection and forensically sound evidence, in accordance with government and ONR guidelines.
- Develop and perform the activities defined in the Cyber Security Incident Response Plan / Forensics Readiness plan, ensuring Operational elements are achieved in accordance with site emergency arrangements.
- Oversee technical implementation and commissioning of Cyber Security tooling solutions to agreed requirements.
- Provide advice and guidance to internal and external stakeholders in relation to Digital forensics, Incident Response and Cyber Security in general to ensure threats are identified, with measures understood to reduce impact and consequence.
- Assess, suggest or take remedial action to Cyber Security Incidents within defined policies and standards.
- Review Cyber security tools, processes and procedures and assist in testing the robustness of current and developing systems.
- Deputising for the CSOC Manager as required.

Your skills and qualifications
- Essential:

- University degree or relevant experience in Security Operations.
- CompTIA Security+ or equivalent.
- In depth knowledge of Microsoft Azure security platforms, DfI, DfE, Sentinel etc.
- In depth knowledge of Digital Forensics.
- Strong understanding of network protocols and a variety of operating systems.
- Strong analytical skills particularly emphasis on being able to identify modern offensive techniques.
- Knowledge & experience of SOC Tooling, for example SIEM (Sentinel, Splunk, LogRhythm), IDS, IPS, EDR
- Line management / leadership experience.
- A full driving license is required by the role holder due to the requirement to work on-site.
- Ability to achieve DV clearance + NPPV.
- Desirable:

- GIAC certifications: GSOC, GMON, GCED, GCDA, GCFE, GCFA.
- SC-200 Microsoft Security Operations Analyst.
- Familiarity with scripting languages (e.g., Python, PowerShell) for automation and analysis.
- Familiarity with the use of incident ticketing systems such as ServiceNow.
- Control Systems experience.
- Malware analysis / Reverse engineering experience.
- Vulnerability analysis experience.

Why us?

Sellafield Ltd is a unique place to grow your career, offering a remarkable blend of role variety, job security, personal growth, professional development, and truly significant work. This is your opportunity to tackle some of the biggest challenges in the nuclear, infrastructural and engineering worlds and create a clean and safe environment for generations to come. Explore Sellafield Ltd today.

Please Remember:

- In the event of a high number of responses to any advert, Sellafield Ltd reserves the right to close the advert early.
- Please regularly check your Spam/Junk folders for news about this vacancy, correspondence could contain invitations to interview and other important updates.