CYBER SECURITY USE CASE SPECIALIST – SECURITY OPERATIONS CONSULTANT
A leading cyber security consultancy are looking for a Cyber Security Use Case Specialist to join their UK team. They are looking for advanced technical specialists to join their UK security function, and work with several high-profile clients across a multitude of sectors.
The role will draw on your experience in both Security Operations and GRC, giving you the enjoyment that comes from variety and the professional satisfaction that comes from utilising all the tools at your disposal.
This is an opportunity for someone looking to work at a highly reputable consultancy, where they will be given a breadth of exposure to industries and clients, managing the process end-to-end and identifying potential risks using Use Case technologies.
THE ROLE OF THE CYBER SECURITY USE CASE SPECIALIST:
- The role will involve gaining knowledge of the cyber threats faced by customers through a knowledge-gaining process as well as client workshops.
- Create and document response procedures for each Use Case, aligned to the customer’s IR process.
- Develop risk-specific use case specifications that require log sources, detection logic, event flow architecture and response requirements – a plan that can be actioned if said threat were to become reality.
- Work with the risk owners carrying out gap/risk analysis and vulnerability assessments to prioritise the risk and help develop/define the use case/procedures required to mitigate the risk.
- Provide training to customers and SOC analysts on the use case and response procedures.
- Work with the use case / SOC analysts and advise them on use case requests and upgrades.
- Evolve, update and fine-tune threat detection logic.
THE REQUIREMENTS OF THE CYBER SECURITY USE CASE SPECIALIST:
- 2+ yrs working in risk management, working with recognised frameworks such as FAIR, the NIST RMF (800-37), ISO 27005, or ENISA RM/RA Framework.
- 2+ yrs experience in the implementation of ISO27001.
- A solid understanding of the tools and processes of a Security Operations Centre, or 5+ yrs as a Solutions Architect working in an MSSP.
- Experience in penetration testing or forensic investigation.
- Strong understanding of the MITRE Framework.
- Excellent English language communication skills, both oral and written.
- Certifications including: CRISC, C|CISO, CISM, CISA, DoD RMF, GPEN, GXPN, CEH, GCIA, etc.