What impact will you make?
NSE Senior Security Analyst
The Security Analyst is a member of the NSE Cyber Incident Response team and is responsible for providing Cyber Incident Response expertise across North South Europe (NSE) at Deloitte.
Reporting to the NSE Head of Cyber Incident Response, the role provides support for a range of operational security activities including incident analysis, remediation support and detailed investigation at Deloitte.
-----------------------------------------------------------------------------------------------------------------------------------------
What impact will you make?
1. Leads in preparation of internal communications
2. Leads in maintaining chain of custody of incident evidence
3. Drives recommendations to resolve the incident and/or reduce its impact, and to bypass and/or prevent similar future incidents
4. Responsible for the overall management of the NSE IR Ticket queue, handling and resolving Incident Tickets as required
5. SME for technical services needed for cyber incident response investigations including containment, eradication and remediation activities
6. Leads with assessing scope of incident damage
7. Leads in determination of incident severity
8. Responsible for maintaining documentation throughout a cyber incident
9. Leads in the drafting of post-incident reports to senior leadership to convey impact, origin, root cause, and remediation
10. Provides direct guidance and oversight to Service Management during an Incident Response as required
-----------------------------------------------------------------------------------------------------------------------------------------
How do you do this?
11. Recommended minimum of 5 years of combined experience in Information Security / Cybersecurity, including either Operational Security (SOC) or Cyber Incident Response experience
12. Demonstrated understanding of the incident lifecycle and security operations, working knowledge of triage and analysis tools, and a strong understanding of cybersecurity threats
13. Demonstrated understanding of incident response casework, including maintaining case information, chain of custody reporting, and full documentation of issues from identification through remediation
14. Proven track record and experience of the following in a highly complex and global organization
15. Excellent problem solving and troubleshooting skills with experience exercising mature judgement
16. Excellent teamwork and interpersonal skills
17. Relevant professional security management certification is desirable but not a requirement for the role
-----------------------------------------------------------------------------------------------------------------------------------------
Personal Strengths
Naturally, you collaborate with your colleagues and you learn every day and from each situation. During your journey at Deloitte you will always be encouraged and supported to be yourself; this is one of our core colleague values. The following personal strengths are important for the role:
18. Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate highly complex cyber security topics and concepts to technical and nontechnical audiences at various hierarchical levels
19. Possess strong organizational skills to facilitate management and tracking of large numbers of incidents, events, and associated tasks
20. Ability to adapt, operate and lead in a high-tempo, dynamic and potentially high-pressure environment
21. Strong operational knowledge of a number of preventive and detective security controls (knowledge of ALL these areas is NOT required) e.g. firewalls, advanced endpoint solutions, Data Loss Prevention (DLP), web security solutions, email gateways, Security Information and Event Management (SIEM)
22. Good knowledge of a number of general IT technologies and concepts (knowledge of ALL these areas is NOT required) e.g. routers, switches, messaging systems, server operating systems (Windows, Linux), desktop and mobile operating systems (Windows, macOS, iOS), cloud services and architecture, vulnerability management
23. Experience recording and maintaining incident documentation within a ticketing system
24. Desirable: Understanding of cloud computing and incident response in a cloud-based environment
25. Ability to quickly analyse large amounts of information and formulate action plans based on that analysis.
-----------------------------------------------------------------------------------------------------------------------------------------
(W)here
Any of the NSE Countries
-----------------------------------------------------------------------------------------------------------------------------------------