Job Purpose and Accountabilities
Part of first responder team for advanced cyber-security incidents for Fujitsu Managed Service Customers
Day to day cyber incident response activities through the different phases of IR
Identify and communicate cyber risks and issues
Defines, drives and improves technical related processes
Ability to use SIEM to analyse threats and to proactively correlate across a number of security technologies
Is able to use analytical techniques including analysing incidents through full packet capture
Requires the ability to spot emerging threats and quickly act to implement countermeasures to block them
Be able to accurately search and analyse vast amounts of data
Resolve issues that may require resolution coordination across multiple stakeholders at both Fujitsu and the customer.
Use high-level service expertise to influence problem escalations in advanced cyber threat and complex situations to resolve customer issues and improve service.
Proactively analyses information and trends, proposing action to resolve problems, maintain and enhance service.
Establishes multiple relationships with customers and managers across the organisation to act as a respected technical interface both internally and externally to deliver and enhance the service.
The role holder is self-sufficient and has recognized specialist skills supporting multiple products for multiple customers in order to maintain the availability and security of the service. The role holder also delivers medium complexity work packages as part of customer implementation projects and has the ability to understand complex situations and activities, communicating basic technical information to non-technical people.
Required Technical Skills
Expert understanding of network protocols and enterprise systems
Knowledge/experience of SIEM solutions
Expert understanding of multiple operating systems
Familiarity with multiple security technologies and platforms and certifications
Experience in cyber incident response
Experience in content inspection across web and email technologies
Experience of and ability to successfully interface with Fujitsu managed service customers
Experience of and ability to lead technical incident response teams and coordinate response efforts
Experience of and ability to document and explain technical details clearly and concisely both written and verbally to different audiences.
Experience of and ability to manage multiple projects under tight deadlines
Experience of and ability to coach and mentor technical security specialists
Experience of external tools and sources of threat intelligence
Solid attention to detail
Willingness to learn
Degree in cyber security related field is desired
Industry certification in multiple operating systems and/or network technologies
Proven experience in an information security discipline
Additional Desired Skills
Passionate interest in cyber threat intelligence and the technical capabilities and campaigns of threat actors
Experience with programming/scripting languages
Background in operational information security disciplines (e.g. incident response, security infrastructure management or monitoring services)
Key Performance Indicators
• Feedback from Customers, Service Delivery Management, Project Manager, colleagues
• Technical Assessments.
• Proven track record of problem resolutions.
• Evidence of sharing and re-use of knowledge
• Successful production of documentation.
• Successful management and implementation of changes.
• Improvement/enhancements to service delivery.
• Meets and improves service level requirements.
• Successful management of escalations in a timely manner.
• Meets project deadlines and costs within own area of responsibility.
• Errors with workarounds or fixes provided in a timely manner.
• Percentage of customer problems resolved within required timescales.
• Correct application of severity, impact and priority.
• Service Improvements.