Lead cyber security incident investigator - CSIRT

at Jisc

United Kingdom

Start Date: Immediate
Expiry Date: 10 Feb, 2025
Salary: GBP 53000 Annual
Posted On: 11 Nov, 2024
Experience: N/A
Skills: DLP, Teams, IT, Lifelong Learning, SOAR, Communication Skills, IDS, Security Tools, EDR, Azure
Telecommute: No
Sponsor Visa: No

Description:

Salary: Circa £53,000 per annum negotiable depending on experience + fantastic benefits!
Jisc grade: TCY3 (internal use only)
Hours: 35 hours per week
Contract: Permanent
Location: Hybrid - A blend of working from home and your nominated hub office, we have hubs in London, Bristol, Manchester and Oxford. Specific patterns for working in the office are not mandated, and the frequency of time worked in the office is agreed with your manager. Meeting in person is something we value so you may need to travel on occasion to any of our hub offices.

KEY SKILLS AND EXPERIENCE:

  • Prior experience working in a cyber security role with demonstrable experience of incident response activities.
  • Excellent understanding of cybersecurity principles, concepts, and best practices including knowledge of threat landscapes, attack vectors, and defensive strategies.
  • Familiarity with a range of security tools and systems such as SIEMs, EDRs, SOAR, IDS, WAF, DLP and DDoS mitigation systems.
  • Excellent understanding of IT environments and common infrastructure including Microsoft Stack (Azure, Active Directory), Virtualisation Platforms, Backup Systems & Cloud Platforms.
  • Excellent customer service and communication skills with the ability to work and remain calm under pressure.

Don’t meet every single requirement?
We know that sometimes people can be put off applying for a job if they think they can’t tick every box, so we encourage you to apply even if you do not meet 100% of the requirements but feel this role is perfect for you. You may be just the right candidate for this or other roles!

Why work for us?
At Jisc, everyone plays a key role and gets the chance to feel part of it. That, to us, is the definition of a meaningful career. We want to create a culture of lifelong learning. You can look forward to a rewarding job with opportunities to develop and make a real difference to the education and research sectors.
We believe a balance between your personal and professional life is essential to your happiness and fulfilment. We work flexibly at Jisc, focus on outputs rather than presenteeism, and are open to a whole range of ways of working.
It isn’t about how many hours you spend at home or at work; it’s about the flow you establish that brings energy to both parts of your life. Our hybrid working policy is flexible, and the frequency of time spent in your nominated office will vary across teams and job roles.

Responsibilities:

ABOUT THE ROLE:

As the Cyber Security Incident Response Team (CSIRT) Lead, you will be responsible for coordinating, overseeing, and executing the incident response process to meet the expectations of our members. You will lead a team of Security Operations Analysts and incident responders, providing guidance, mentorship, and support to team members.
This is a fantastic opportunity to work closely with members, stakeholders and agencies, nurturing and developing relationships with all our key stakeholders to vastly improve cyber security across education and research.
You will need to be able to communicate effectively with a range of security professionals and members at all levels, providing effective and succinct briefings around ongoing incidents, and providing advice, guidance, and recommendations to members.

OTHER RESPONSIBILITIES WILL INCLUDE:

  • Coordinate and support the continuous monitoring of SOC customer IT infrastructure, networks, and systems for signs of suspicious or malicious activity.
  • Lead, own and support the team’s response to security incidents, ensuring that they are handled promptly and effectively to minimize damage and downtime.
  • Take responsibility for managing and coordinating major cyber incidents to a successful conclusion.
  • Take part in the Incident Response 24/7 on-call rota.
    Out-of-hours duties may be required at times; however, this is kept to a minimum.


REQUIREMENT SUMMARY

Min: N/A, Max: 5.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Software Engineering

Graduate

Proficient

1

United Kingdom, United Kingdom