Senior Threat Detection Analyst
Job Title: Senior Threat Detection Analyst
Job Location: Preston, Filton or Frimley - Hybrid - 2 banks of shifts; 4 on 4 off, 7am – 7pm. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role.
Referral Scheme Bonus: £1,000
Grade: GG10
You’re expected to have completed 12 months in role prior to applying for an advertised vacancy and you should also discuss the internal opportunity with your line manager to ensure sustained business continuity and to further support your career development.
We know there may be exceptional individual circumstances that impact this, in the first instance please discuss this with your line manager.
If you don’t feel you can talk to your Line Manager, you can contact your HRBP.
PLEASE NOTE: Should you be invited for interview, you acknowledge that the Recruitment team will contact you and your line manager regarding your application for this opportunity.
Role Description:
In this role you will build, test, and deploy new detection capabilities across the environment in line with threat intelligence. Ensure services are operated in line with agreed service definitions and measures. Contribute to the development of the services through process, people and technology where appropriate.
Core Duties:
- Triage, analyse and investigate alerts, log data and network traffic using the monitoring platforms and Internet resources to identify cyber-attacks / security incidents
- Delivery of core triage function as part of 24/7 protective monitoring services across a range of networks/services
- Act as a mentor and as an escalation point within the team for technical queries
- Ensure timely and accurate communication of incidents to IT, network or security teams across BAE Systems
- Escalate suspected major security incidents / investigations where support is required
- Define monitoring use cases and develop prototype rules with minimal supervision, for example in response to intelligence or gaps in defences
- Contribute to the development of the services through people, process and technology where appropriate
- Build a comprehensive knowledge of BAE Systems IT systems to support monitoring activities and tailor remediation recommendations to systems
- Contribute to and help define requirements for future security capabilities along with the Lead Analyst
Essential Skills:
- Technical background with experience of technologies including but not limited to firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, Linux, Networking, Cloud and Vulnerability Management
- Analytical background and comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations
- Knowledge and experience of using tools to dissect common threats to produce useable IOCs, e.g. malicious document analysis
- Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these
- Prior experience of working in information and/or cyber security environments (Government or commercial sector)
- Previous experience working within Cyber Operations utilising SIEM platforms
- Relevant security certifications such as CISSP, SSCP, CEH, GCIH or GCIA
The Cyber Operations team:
Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us – who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability.
Why BAE Systems?
Here you’ll build a career with purpose and limitless possibilities. With lifelong learning and meaningful work - this is a place where you can grow your career with confidence and be empowered to be your best. You’ll be recognised for your contribution and enjoy rewards tailored to what’s most important to you and your family - support for your financial and personal wellbeing, as well as a balanced lifestyle. In an environment embracing sustainable ways of working and with a strong sense of shared purpose, our supportive culture is a place where you can feel you belong and be proud of the difference you make.
We welcome applications from all suitably qualified people, who are BAE Systems employees and have been in their current role for 12 months or longer.
A place where everyone can thrive:
We’re committed to building an inclusive workplace where everyone feels valued and supported. We know that a diversity of backgrounds, perspectives and experiences strengthens our teams and is vital to the work we do.
Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.