Salary: Circa £45,000 per annum negotiable depending on experience + fantastic benefits!
Jisc Grade: TCY3 (internal use only)
Hours: 35 hours per week
Contract: Permanent
Reports into: Lead Cyber Security Incident Investigator
Location: Hybrid - A blend of working from home and your nominated hub office, we have hubs in London, Bristol, Manchester and Oxford. Specific patterns for working in the office are not mandated, and the frequency of time worked in the office is agreed with your manager. Meeting in person is something we value so you may need to travel on occasion to any of our hub offices.

KEY SKILLS AND EXPERIENCE:

• Operational knowledge and experience of incident response.
• Sound understanding of IT environments and common infrastructure including: Microsoft Stack (Azure, Active Directory), Virtualisation Platforms, Backup Systems & Cloud Platforms.
• Working knowledge of a variety of operating systems, and a good systems administration level of experience.
• Previous experience working in a role as a point of escalation.
• Ability to communicate effectively with a range of security professionals and to simplify complex technical issues.
• Active Directory hardening knowledge.
• Working knowledge of TCP/IP and other related Internet protocols.
  You will need to be able to participate in an agreed extended working period, currently 08:00-18:00 up to a total of 35 hours per week and be available on call. On-call duties outside of working hours may be required, however are not expected at present.
  All roles within our Jisc Cyber Security team require employees to have enhanced background screening checks which include but are not limited to, financial and unspent criminal record checks.
  Some roles may also require full UK Security Check (SC) clearance, and you should have resided in the UK for the past 5 years and be willing to undertake this process. You must be able to hold UK security clearance.
  We are constantly changing and evolving at Jisc, so this job description just gives a flavour of what the role involves. It will change as our operations develop.

A core function of CSIRT is responding to security incidents, working with our members to investigate the issue, and helping them recover as quickly as possible, providing advice on a one-on-one basis as we do so, whether that is to do with malware, phishing, DDoS or any other network or system related incident.
Working within the CSIRT team you will provide an escalation point for Security Analysts, support the Security Lead with Incident Management and with the ongoing development of security systems, helping to generate new mitigations and enhancing the internal security of Jisc to defend against future attacks more effectively.
Day to day activities will include the operation of Jisc’s Security Operations Centre Service, including alert and support ticket triage, recognise the need to escalate, participation in incident handling duties as part of the Janet network CSIRT function, threat detection and analysis, using a range of Jisc-developed and commercial network and security-related tools to gather intelligence, mitigate attacks and provide a SOC and incident response capability.