Cyber Threat Analyst - National Security West
Clearance Level: DV, SC, None / Undisclosed
Sector: Defence, Engineering, Information Technology
Job Type: Permanent
Location(s): UK, Europe & Africa : UK : Leeds
BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.
Cyber Threat Hunter
Job Title: Cyber Threat Analyst
Requisition ID: 121703
Location: Leeds and surrounding area
Grade: GG08 - GG09
Referral Bonus: £5,000
Role Description
BAE Systems have been contracted to undertake the day-to-day operation of (and incremental improvement of) a dedicated Security Operations Centre (SOC) to support the defence of a major UK Critical National Infrastructure (CNI) organisation. The networks protected are predominantly hosted in cloud platforms, with many hundred systems within these environments that must be protected. The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to.
This role requires a minimum of SC clearance with the potential for DV Clearance in the future.
This role reports to the Delivery Lead/PMO.
The Role
You will be/have:
- Responsible for and capable of independently creating Threat Hunt Hypotheses, running Threat Hunts at a regular cadence
- Responsible for and capable of translating Threat Hunt Hypotheses into KQL Queries, running those KQL queries and then independently triaging the results.
- Experienced with and have sufficient knowledge of attacker TTPs
- Have a deep understanding of Advanced Persistent Threat groups and the ability to conduct in-depth research
- Able to independently verify the results of Threat Hunts, refining the queries where necessary
- Experienced in Incident Response and Management
- Responsible for the quality of all Threat Hunt Reports, ensuring that output is delivered at the highest possible standard
- Responsible for ensuring that all relevant process is effectively documented and regularly reviewed
- Responsible for providing well-reasoned and sound analysis, context and predictions into relevant deliverables
- Responsible for assessing the maturity of the function within the client and identifying areas for improvement, productising those improvements and delivering them
- Be a point of contact for intrusion analysis, forensics and Incident Response queries. Able to provide root cause analysis of non-standard analytic findings and anomaly detections for which a playbook does not yet exist.
- Responsible for ensuring that, during times of reduced capacity, all ad hoc and regular products are completed and are of sufficient quality for distribution
- In-depth knowledge of the various techniques and frameworks used within the Cyber Threat Intelligence domain, including the Cyber Kill Chain and MITRE ATT&CK
- Development of new analytics and playbooks that result in creation of new detection rules/analytics
Requirements
Technical
- 3+ years' experience in Cyber Threat Intelligence, and conducting research and investigating cyber threats in a technical capacity
- Experience in technical incident response and management
- An expert understanding of current and emerging threats related to government and CNI
- Excellent Open-Source research skills
- Demonstrate a high-level knowledge of Windows operating systems and the Azure Landscape
- Demonstrate a high-level knowledge of core networking concepts and technologies
- Demonstrate a high-level knowledge of and experience operating within cloud platforms
Non-Technical
- Bachelor's Degree in Cybersecurity, Computer Science or equivalent
- Experience in a SOC/Threat Intelligence/Vulnerability Management field
- Excellent written and verbal communication skills with the ability to communicate the risk, potential impact and importance of detailed technical information to non-technical and senior stakeholders
- Team player and adept at working in a multi-disciplinary and diverse team
- Self-motivated and motivates others, keeping morale and performance high
- Ability to mentor others
Desirable Qualifications:
- Degree-level education in Cyber Security or related area
- SANS GNFA, GCIH, GCIA, GCTD
- CySA+
- CREST - Intrusion Analyst, Cyber Threat Intelligence
- Azure - SC200, SC500, AZ500
- AWS - Cloud Essentials, Security
- EC-Council Certified Ethical Hacker or demonstrable equivalent experience
Life at BAE Systems Digital Intelligence
We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day.
By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being.
Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential.
Company
There’s no limit to where your career at BAE Systems in the UK could take you.
When you join us you’ll be part of something bigger, a purpose that binds diverse minds and talents together – to serve, supply and protect those who serve and protect us. From day one, you can expect unique environments and boundary-breaking projects across air, land, sea, cyber and space. Be part of a team committed to excellence where you’ll collaborate with some of the brightest minds working towards a common vision - to be the premier international defence, aerospace and security company.
Your contribution can make a real impact. It’s a place where your diversity of thought and experience is valued, and where you'll have access to all the resources you need to grow – both professionally and personally. Whether that's deepening your expertise, achieving further professional accreditation, getting involved in our community or enjoying varied projects and experiences - there's no end to where your career and life at BAE Systems could take you. With flexible working patterns and great rewards and benefits, you can look forward to a secure and rewarding career in a stimulating, inclusive environment you can thrive in - now and in the future.
Whether you're working on surface ships, submarines, aircraft, land vehicles and high-technology platforms or in cyber, digital, multi-domain integration or space; there are opportunities for engineers at all levels across a wide range of specialisms in which to develop. It's challenging, fulfilling and meaningful work where our engineers are encouraged to push the boundaries of what’s possible and to think of innovative ways to solve some of our customers’ biggest challenges. All whilst ensuring we have a positive impact within the communities in which we operate. Our path ahead needs brilliant minds like yours.