8 months ago
Cyber Risk & Security. Everybody’s talking about it. Every major corporation is concerned by it. The Government is investing £1.9 billion in tackling it. We’re shaping strategies and transforming technology to minimise it and we need you to join us. You’ll build strong relationships within a Cyber and Resilience practice with some 300 extremely talented individuals. Our team brings together people who graduated in everything from Philosophy to Law, Maths and Computer Science. Join them and you will operate at the cutting edge, enjoying the kind of professional development that will set your potential free.
Whether clients are looking to bridge the maturity gap or satisfy bespoke business/security objectives our Cyber Incident Response/Threat Hunting team gets to work – fast – to identify root causes, evict threats and automate manual tasks performed by Security Operations. Our professionals apply their experience and imagination to find the most advanced threats, hiding in the darkest corners of the network. Not only do we identify where these threats are using sophisticated machine learning logic, we also evict them from organisational assets and networks, preventing business-disrupting damage from occurring. With a unique collection of skills, methodologies and strategic award-winning vendor relationships, we can do whatever it takes – from improving the security of a single component to delivering a holistic security and privacy programme.
Our Cyber Incident Responders/Threat Hunters will be called to answer client needs regarding proactive incident response, reactive incident response, post-breach assessments, managed threat hunting as well as implementing response automation technologies.
* Construct and exploit open source and commercial threat intelligence to detect, respond, and defeat advanced persistent threats (APTs)
* Fully analyse network and host activity in successful and unsuccessful intrusions by advanced attackers
* Conduct advanced threat hunt operations using known adversary tactics, techniques and procedures as well as indicators of attack in order to detect adversaries with persistent access to the enterprise
* Create and add custom signatures, to mitigate highly dynamic threats to the enterprise using the latest threat information obtained from multiple sources
* Deep understanding of networking protocols and infrastructure designs, including some of the following: firewall functionality, encryption, host and network intrusion detection systems
* Conduct adversary disruption leveraging tactical, technical and legal capabilities to eradicate threat.
* Characterize suspicious binaries and be able identify traits, C2, and develop network and host-based IOCs.
* Identify potential malicious activity from memory dumps, logs, and packet captures
* Maintain and employ a strong understanding of advanced threats, continuous vulnerability assessment, response and mitigation strategies used in Cybersecurity operations
* Analyse and reverse engineer various file types, including providing dynamic and static analysis of malware artefacts and binaries as well as other malicious attack files
* Proven experience in incident response or Threat Hunting, either in-house or as a consultant
* Strong understanding of Operating Systems and Network Protocols
* Prior experience in network forensics with an emphasis on detecting malicious activity using network traffic
* Experience working with security intelligence, data analytics, security incident response, and forensic investigation teams
* Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques.
* Demonstrated experience with Windows and/or Unix/Linux operating systems including command-line tasks and scripting
* Familiarity with common commercial and/or open source vulnerability assessment tools and techniques used for evaluating operating systems, networking devices, databases and web servers
* Familiarity with threat modelling, development of attack plans
* Passion for information security and service excellence that matches our own
* Highly developed interpersonal, communication and organisational skills
* Research experience in tracking cyber threat and malware campaign activity
* Previous experience as Threat Researcher and/or Intelligence Analyst
* Tool agnostic ability to conduct preliminary malware analysis
* Strong scripting and task automation skills
* Demonstrated technical experience with Networking
* Red Team/Blue Team/Purple Team/Pen-Testing
Candidate must have at least:
* BSc in Computer Science, Engineering, Information Science or a related discipline (or equivalent experience)
* Ideally at least 3 years’ experience in Cyber Security (or Offensive Security/ Incident Response)
Candidate should have one or more of the following:
* GIAC Certified Forensic Analyst (GCFA)
* GIAC Certified Forensic Examiner (GCFE)
* GIAC Certified Incident Handler (GCIH)
* GIAC Certified Intrusion Analyst (GCIA)
* GIAC Reverse Engineering Malware (GREM)
We are Risk Advisory
In a constantly evolving, complex risk environment, our market leading Risk Advisory professionals are trusted by organisations across the globe to support them in understanding, evaluating and mitigating risk.Our clients demand industry experts who understand their challenges intimately and with whom they can build trusted relationships. They choose us because we provide bespoke solutions that deliver the power of Deloitte, bringing together: people they respect and enjoy working with; innovative technology; and an approach that allows them to make informed and intelligent risk decisions.
Our expertise spans all areas and sectors including technology risk, governance, internal audit, regulatory compliance, risk analytics, public sector and managed services. As a member of the team, you will work with inspiring, ambitious and supportive people who have diverse and extensive skills, experience and backgrounds. A move to Risk Advisory will help you to build a rewarding and balanced career.
Deloitte offers integrated services that include Audit and Risk Advisory, Tax, Consulting and Financial Advisory. Our approach combines insight and innovation from multiple disciplines with global business and industry expertise to help our clients excel anywhere in the world.
We deliver outstanding impact on the reputation and success of our clients, in the UK and globally. In pursuing this we contribute to a sustainable and prosperous society, and are firm believers in the positive impact business can and should have on the world it operates within.
At Deloitte we foster a collaborative culture where talented individuals can produce their best work. We value innovative thinking, diverse insights and a genuinely distinctive level of customer service through our expertise and professionalism.
We value difference, with respect at the heart of our inclusive culture. We are open to discussing with candidates the different ways in which we are able to support agile working arrangements. We recognise that our people are juggling demanding careers with commitments and interests outside of work.
Visit our website to hear from some of our people already working at Deloitte in agile ways.
We are proud to have received a special award for Best Innovation for our WorkAgility Time Out programme in the 2015 Top Employers for Working Families awards.
Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC303675 and registered office at 2 New Street Square, London, EC4A 3BZ. Deloitte LLP is the United Kingdom affiliate of Deloitte NWE LLP, a member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities.
Requisition code: 144775