Find More Than 10K+
United Kingdom Jobs

We have team members in the US, UK, Canada, India and the Philippines. Our remote work policy allows us to accommodate our employees' need for flexibility. Our family forward mentality and work-life balance focus empower our employees to live their best life at Agio.

WE OFFER:

• • Remote work arrangement
  • Competitive salary
  • Comprehensive health benefits including medical and dental for team member + family with immediate coverage
  • Life insurance
  • An inclusive and extended parental leave policy
  • Uncapped vacation time off
  • 10 paid holidays
  • 10 paid sick days
  • 32 hours of paid volunteer time off
  • Pension plan + matching
  • Training and growth opportunities
  • A multicultural and diverse team
  • A supportive work environment
  • Social events
  • Agio swag
  • And more

Job Description

Responsibilities

• Interfaces with clients, ensuring that escalated communications are handled deftly and quickly
• Continually looks for ways to improve
• Support a 24/7/365 Security Operations Center and monitor security tools
• Provide Tier 2 response to security incidents
• Respond to cybersecurity events and incidents caused by internal and external threats to our clients, coordinate response activities with various stakeholders, and recommend mitigation strategies
• Handle incidents as defined in playbooks and standard operating procedures, and advise on remediation actions
• Perform deep-dive incident analysis by correlating data from various sources and determine if a critical system or data set is affected
• Identify and design use case algorithms
• Assist customers in implementing sound and secure logging practices, deployment of agents and sensors
• Leverage advanced knowledge of security operations, cyber security tools, intrusion detection, and secured networks to integrate with the SIEM platform
• Triage emerging threats to protect assets and information in client environments.
• Partner with cross-functional technical teams to share expertise, research threats, and implement solutions
• Present reports and produce communications, e-blasts and other forms of communication that may be both internal and client facing, to include leadership and executive management
• Draft root cause analysis reports and recommendations after cybersecurity incidents
• Identify risk areas that will require vulnerability prevention
• Stay current with Security technologies and make recommendations for use based on business value

Requirements

• SIEM administration, configuration, and optimization experience with platforms such as Alien Vault, IBM QRadar, ArcSight or LogRhythm
• Threat hunting experience
• Malware reverse engineering and outbreak management experience
• Experience participating in and acting as an escalation point for complex network threat investigations
• Linux command line experience
• Experience and knowledge of public cloud environments, specifically AWS and Azure
• Knowledge of regular expressions and data normalization
• Experience configuring, integrating, and monitoring endpoint protection solutions such as Cylance, Carbon Black, or CrowdStrike
• Understanding of network protocols coupled with experience with web proxies, web application firewalls, and vulnerability assessment tools.
• Experience working in a team-oriented, collaborative environment with a high level of analytical and problem-solving abilities
• Positive attitude with strong oral and written communication skills
• Knowledge of IP networking and network security including Intrusion Detection
• Familiarity with common network vulnerability/penetration testing tools
• Familiarity with service management software such as ServiceNow
• Familiarity with data visualization platforms such as Domo
• Some experience with system hardening guidance and tools
• Experience on an incident response team performing Tier I/II initial incident triage, desired
• Experience supporting clients and serving as a technical advisor
• Ability to anticipate and respond to changing priorities and operate effectively in a dynamic demand-based environment requiring flexibility and responsiveness to client matters and needs

Qualifications/Education

BS/BA in Information Security, Computer Science or related engineering discipline, preferred

3-5 years' experience in technology (security, networking, systems, etc.)

Prior experience working in a Security Operations Center (SOC)

Financial services industry experience is a plus

Managed security service provider (MSSP) experience is a plus

Certifications

Certifications or work toward any of the following is strongly desired:

• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Certified Forensic Examiner (GCFE)
• GIAC Network Forensic Analyst (GNFA)
• Cisco Certified Network Associate (CCNA)
• Microsoft Certified Solutions Associate (MCSA)
• CompTIA Security+

#LI-REMOTE