Advanced Cyber Unit Analyst Bristol, England
Job description
Job Description
Advanced Cyber Unit Analyst
Full time
Bristol / Hybrid
Why Rolls Royce?
An exciting opportunity has arisen for a Advanced Cyber Unit Analyst to join the Rolls-Royce Advanced Cyber Unit (ACU)
Rolls-Royce is a world-leading provider of power systems and services for use on land, at sea and in the air. Rolls-Royce creates integrated power solutions and innovative technologies that keep its customers one step ahead of an ever-changing world. It continues to invest in core technologies, products, people, and capabilities with the goal of broadening and strengthening the product portfolio, improving efficiency, and enhancing the environmental performance of its products. Rolls-Royce is one of the most technologically advanced organisations in the world.
Data is the lifeblood of the company and IT is critical to everything it does. The Rolls-Royce Advanced Cyber Unit is tasked with identifying threat actors attacking (or planning to attack) the organisation and quelling the problem at the earliest possible juncture. They are tasked with ensuring that future attacks from the same threat agent are unsuccessful. The team’s remit is the detection, disruption and eradication of threat actors from Rolls-Royce by
- Identifying who has attacked / is about to attack the organisation.
- This includes understanding threat actor’s modus operandi - how they work and what tools / technologies they use.
- Supporting hunt exercises using threat intelligence, evaluation of anomalous log data and developing new or using existing tools to conduct threat hunts.
- Suggesting modifications to internal defences and processes for more effective and efficient security operations. •Providing Incident Response (IR) experience during a live incident to ensure subject matter specialist advice is available to resolving teams.
As an ACU Analyst, you will report to the UK Head of Advanced Cyber Unit and will work as part of the wider IT Security team. You will work alongside and in conjunction with a global set of Cyber–Security Operations Centres (SOCs). In this role you will be part of a niche team of hunt specialists whose job is to reduce the risk of cyber threats to the organisation. This is to be achieved through
- Evaluation and correlation of multiple intelligence artefacts to gain a deeper understanding of the cyber threat landscape facing Rolls-Royce. Formulation of hypotheses derived from threat intelligence sources to aid threat hunting and deep dive investigations
Analysts are required to understand the enterprise threat landscape in which Rolls-Royce operates and threat intelligence gathered from enterprise security tooling. They are required to undertake intelligence evaluation to identify threats, quantify vulnerabilities and reduce risk to Rolls Royce. The incumbent is responsible for the timely review of cyber security incidents generated by security devices and logs, assessment of the situation and reporting incident management to aid successful resolution.
Analysts are expected to have the technical dexterity to choose the right tool for the job and to understand how to use it effectively across a range of security scenarios. They are also required to define the toolsets that best enable them to meet their goals in hunting down cyber threats and vulnerabilities
Work with us and we’ll welcome you into an inclusive culture, one that invests in your continuous learning and development, and gives you access to a wide breadth and depth of experience.
We offer excellent development, a competitive salary and remarkable benefits. These include bonus, employee support assistance and employee discounts.
Your needs are as unique as you are. Hybrid working is a way in which our people can balance their time between the office, home or another remote location. It’s a locally coached and flexed informal discretionary arrangement. As a minimum we’re all expected to attend the workplace for collaboration and other specific reasons, on average three days per week.
What you will be doing:
- Evaluation logs and alerts from a variety of different data sources (IDS/IPS, Firewall, Proxies, Anti-Virus, SIEMSs, etc.) across multiple platforms and escalating/explaining severe security incidents verbally and in writing.
- Coaching major security incidents through all phases of the incident response lifecycle from identification through to closure.
- Identifying/developing tooling for use during cyber threat hunts, investigations, and incidents.
- Assisting Rolls-Royce users and key stakeholders with security related issues and advice. Responding to technical security questions and concerns from the business.
- Conducting research on emerging security threats and potential customer impact. Ensuring all operating environments including manufacturing, on-premise, and cloud segments of the network.
Who we’re looking for:
Being a part of Rolls-Royce you’ll know we embrace agility, are bold, pursue collaboration and seek simplicity in everything we do. These values form our values and behaviours and are an essential component of our assessment process and are fundamental qualities that we seek for all roles
- Bachelor’s degree in computer science, information technology or data science OR information technology security experience.
- A passion for IT, cyber security, learning, and knowledge sharing combined with curious mind-set to move out investigations.
- Advanced understanding of cyber security and detection techniques.
- Experience of network anomaly detection using traffic evaluation or network intruder detection systems.
- Understanding of the cyber kill chain in relation to Advanced Persistent Threats (APTs).
- Demonstrable experience of security related incidents.
- A flexible approach to working given the reactive nature of incident response. Evening and weekend working may be required during periods of major activity. Should be UK Citizen and able to obtain security clearance; this role is subject to Full UK Security Clearance.
We are an equal opportunities employer. We’re committed to developing a diverse team and an inclusive working environment. We believe that people from different backgrounds and cultures give us different perspectives. And the more perspectives we have, the more successful we’ll be. By building a culture of respect and appreciation, we give everyone who works here the opportunity to realise their full potential.
We welcome applications from people with a refugee background.
You can learn more about our global Inclusion strategy at Our people | Rolls-Royce
Closing date: 1st October 2023
Job Category
Information TechnologyPosting Date
18 Sept 2023; 00:09
