Senior Analyst - Cyber Defence in London

Our Cyber Defence team is tasked with identifying and addressing threats to the business utilising a range of tools and technologies. The senior members of our Cyber Defence team are specialists in a number of areas with particular focus on network and endpoint forensic capabilities. We exist to ensure Dyson staff can innovate in a safe environment allowing Dyson to deliver exciting technology to the market before our competitors.

Responsibilities

• Delivering an enterprise level service where you have identified attacks, intrusions, unusual or illegal activity and acted in line with an incident management or response plan.
• Acting as a leader within a SOC environment, develop non-senior members of the team and challenge existing approaches with a view to delivering greater efficiency.
• Working in a close-knit team but with an ability to take the initiative to deliver innovative approaches.
• Own and author SOC playbooks, ensured they are followed and that they are regularly reviewed to identify better ways of working.
• Reviewing new technologies, working on proof of concepts and helping to decide the future technology stack of a SOC.
• Utilising a range of intelligence sources to hunt for threats across an infrastructure. Taking the lead in threat hunting and training junior members of the team to help them develop into seasoned Cyber Defence Analysts.
• Identifying opportunities to automate response to alarms, helping to drive maximum efficiency in a SOC to ensure time and resource availability to identify the true threats.
• Staying up to date with current security trends, attack approaches, campaigns and APT groups with a view to utilizing that knowledge while identifying threats to the business.

Skills

• Expert knowledge and hands-on management of a SIEM/SOAR tools including the ability to analyse business practices, derive security use-cases and build alarm rules to cater to them.
• Strong knowledge of cyber threat hunting, advanced attack vectors and using cyber intelligence to proactively discover threat behaviour.
• Strong knowledge in network and host-based security as a minimum as well as experience in web application security and client-server application security.
• Strong knowledge of approaches to exploiting Windows, Mac OS and Linux operating systems.
• Significant experience of utilizing a range of SOC technologies such as Endpoint Detection and Response tools (for example Carbon Black, Crowdstrike, Cybereason), Email Security Gateway (for example Symantec Email Security, Cisco Ironport), Web Security Proxy (for example Zscaler, Websense, Barracuda).
• Expert knowledge of a range of log types and headers with particular focus on email headers, IIS logs, AD logs etc.
• Practical knowledge of industry standard frameworks such as ISO 2700x, NIST, ITIL, etc.
• Experience of securing organisations in line with industry best practices such as CIS, SANs, OWASP, CSA.
• Knowledge of industry regulations such as PCI DSS, GDPR, China CSL, etc.
• Experience of a range of open source tools, technologies and sites for extending analysis capability (for example Wireshark, VirusTotal, Hybrid Analysis, Cuckoo, MISP etc.).
• Ability to translate and distil complex technical information across all levels of the organisation as required for the audience.

Duties

You will be a part of our 24x7 Cyber Defence team. As a seasoned analyst you will perform alert monitoring, incident response, investigation and research on existing and emerging cyber threats. The position focuses on leveraging your understanding of the tactics, techniques, and procedures employed by advanced threats combined with intelligence from multiple sources to respond to a range of different and complex incidents. You are the defenders of the Dyson network, the guardians of our secrets.

Working conditions

At Dyson, we demand the highest standard of performance from the technologies we engineer. Our people expect the same from the technology that supports them. We are a community that appreciates and advocates better engineering. A community of pioneers. It's no secret that our intellectual property is massively critical to our success. But how do we keep it from the prying eyes of the bad guys? Dyson's Global Cyber Security department works effectively to keep our secrets secret and secure our crown jewels using advanced technologies to stay one step ahead of the game. We use a pragmatic approach to transform cyber security to enhance our business resilience to better manage potential cyber disruption. We invest in new cyber security capabilities and leverage our strong cyber security ecosystems to tackle future threats. The Cyber Defence Team are the beating heart of Dyson's Cyber Fusion Centre capabilities. They ensure Cyber Security incidents are managed timely and efficiently across all of our global locations.

Benefits

• 27 days holiday (plus statutory bank holidays)
• Pension scheme
• Performance related bonus
• Life assurance
• Sports centre
• Free on-site parking
• Subsidised café, restaurants and free lunches
• Discounts on Dyson machines
• Free Hair Salon
• Concierge service
• Interview guidance

We are following the government guidelines regarding COVID-19. At this time all interviews will be conducted via video or telephone. We are taking these precautionary measures to protect both our employee and candidate wellbeing. Our Talent Acquisition team will work with you and provide further information as appropriate.