Fujitsu Warrington, UK
Jul 08, 2019
Job - Full time
Job Purpose and Accountabilities

• Part of first responder team for advanced cyber-security incidents for Fujitsu Managed Service Customers
• Day to day cyber incident response activities through the different phases of IR
• Identify and communicate cyber risks and issues
• Defines, drives and improves technical related processes
• Ability to use SIEM to analyse threats and is also able to proactively correlate across a number of security technologies
• Is able to use analytical techniques including analysing incidents through full packet capture
• Requires the ability to spot emerging threats and quickly act to implement countermeasures to block
• Be able to accurately search and analyse vast amounts of data
• Resolve issues that may require resolution coordination across multiple stakeholders, both Fujitsu and customer.
• Use high-level service expertise to influence problem escalations in advanced cyber threat and complex situations to resolve customer issues and improve service.
• Proactively analyses information and trends, proposing action to resolve problems, maintain and enhance service.
• Establishes multiple relationships with customers and managers across the organisation to act as a respected technical interface both internally and externally to deliver and enhance the service.

Role Purpose

The role holder is self-sufficient and has recognized specialist skills supporting multiple products for multiple customers in order to maintain the availability and security of the service. The role holder also delivers medium complexity work packages as part of customer implementation projects and has the ability to understand complex situations and activities, communicating basic technical information to non-technical people.

Key Accountabilities

• Technical Capability. Works within a team as an established security specialist (e.g. detailed knowledge of the configuration of interlinked systems, implementing technical changes, building software regimes and contributing technically to service development) to support end users.
• Process. Follows established processes, releasing to the change control process verified, validated and documented enhancements to eliminate problems and proactively develop the service.
• Service Level. Recognizes opportunities to improve performance against Service Level. Acts as a point of escalation to resolve service delivery issues. Monitors performance through statistical reporting and analysis.
• Project Work. Works within a team or under guidance from the project manager with implementation of technical designs to meet service delivery requirements within own area of responsibility.
• Customer Relationship. Establishes working relationships with customer’s organization to deliver and enhance the service.
• Problem Solving. Takes ownership in obtaining the information, evidence and data required to diagnose and resolve more complex problems (both new and known). Escalates or gains support where appropriate. Proactively analyzes, trends and reports on information (e.g. on performance service levels) in a timely manner to resolve problems, maintain and enhance service.
• Team Working. Trains and coaches members of the team to provide knowledge, assistance and advice. Works in a problem solving team to resolve service issues. Stands in for the team leader.
• Business Awareness. Understands the requirements of the customer’s business, the scope of the contract and knows how issues impact the delivery of service. Recognizes and reports opportunities to team manager and other relevant parties for additional business.
• Professional Development. Maintains awareness of technical and service developments, taking the initiative to extend own knowledge to learn about products, technologies and techniques to deliver enhanced service.

Required Technical Skills

• Expert understanding of network protocols and enterprise systems
• Knowledge/experience of SIEM solutions
• Expert understanding of multiple operating systems
• Familiarity with multiple security technologies and platforms and certifications
• Experience in cyber incident response
• Experience in content inspection across web and Email technologies
• Experience of and ability to successfully interface with Fujitsu managed service customers
• Experience of and ability to lead technical incident response teams and coordinate response efforts
• Experience of and ability to document and explain technical details clearly and concisely both written and verbally to different audiences.
• Experience of and ability to manage multiple projects under tight deadlines
• Experience of and ability to coach and mentor technical security specialists
• Experience of external tools and sources of threat intelligence
• Solid attention to detail
• Willingness to learn

Education/Experience

• Degree in cyber security related field is desired
• Industry certification in multiple operating systems and/or network technologies
• Proven experience in an information security discipline
• One or more of the following technical certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), EnCE or equivalent certifications in these areas is desired

Additional Desired Skills

• Passionate interest in cyber threat intelligence and the technical capabilities and campaigns of threat actors
• Experience with programming/scripting languages
• Background in operational information security disciplines (e.g. incident response, security infrastructure management or monitoring services)

Key Performance Indicators

• Feedback from Customers, Service Delivery Management, Project Manager, colleagues
• Technical Assessments.
• Proven track record of problem resolutions.
• Evidence of sharing and re-use of knowledge
• Successful production of documentation.
• Successful management and implementation of changes.
• Improvement/enhancements to service delivery.
• Meets and improves service level requirements.
• Successful management of escalations in a timely manner.
• Meets project deadlines and costs within own area of responsibility.
• Errors with workarounds or fixes provided in a timely manner.
• Percentage of customer problems resolved within required timescales.
• Correct application of severity, impact and priority.
• Service Improvements.