This job posting has expired
Technical - Consultant
Location : London
Headquarters : Melbourne, Australia
Hiring Mode : Full Time
Hiring Role : Consultant
Experience : Mid Level
- Telstra Purple is an ambitious and rapidly growing Global IT services firm which leads change, strips out cost and safeguards information.
- From our EMEA headquarters in London, we provide Strategy and Transformation, Cloud, Data and Analytics, Networks and Security Solutions to the public and private sector across the UK and the world. We have been at the forefront of infrastructure innovation for over 25 years, with an industry-recognised methodology that guarantees outcomes, reduces risk and is at least 25% faster and 30% more cost effective than larger consultancies.
- Our consultants are self-starters who can adapt to the different requirements of each client and are open to taking on new challenges. Powered by Telstra, we have the agility of an Agile consulting business powered by a global telecommunications provider.
- Telstra Purple’s Cyber Security practice consists of security architects, security consultants, security advisors, and operational security managers. Powered by Telstra, Telstra Purple’s security practice has the ability to service our customers’ requirements along with the purchasing power of a global telecommunications provider.
- Joining the Telstra Purple family and our Cyber Security practice, you will be given time and support to invest in your cyber security skills, but more importantly, the opportunity to work on varied assignments. Our customers range across a number of verticals including financial services, legal, government, transport, and charities, to name a few.
- We are engaged in different types of work, ranging from security assessments of various guises and transforming our customers’ cyber security Target Operating Models to managing and running security services as a trusted partner, and therefore no two days are the same here at Telstra Purple.
- You will be joining Telstra Purple’s cyber security managed services. As we continue to grow, this provides great opportunities for our staff to develop themselves in the areas that they are passionate about. Our flexible career models mean that our consultants and analysts have the opportunity to move around the Security and Networks teams, trying new and different careers.
- We will provide training through on-the-job training and vendor specific training. We are a flexible working organisation where we don’t need to be on customer site but more importantly you will gain the experience of working with our customers across multiple verticals and geographical regions.
- Telstra Purple invests in its staff and we are not looking for someone who has experience of everything that they will be doing. We will train you and invest in your career and we are looking for someone who wants to grow with a company into their next phase of their career.
- Training will be provided on the job and through vendor specific training to invest in your career.
- Based across multiple customers, with occasional travel to the customer site in Stevenage.
- Experience as a security analyst being able to detect incidents and take the relevant actions using the tools that will be provided.
- Work remotely with our managed security service helpdesk helping customers to proactively detect cyber security incidents.
- Support a range of customer’s operational security managed services ensuring compliance to various security frameworks.
- Work with technical teams within our customers to be an extension of their team to detect and respond to security incidents.
- Used to working in close conjunction with other SOC analysts to investigate potential security incidents.
- Be passionate about cyber security and able to stay calm under pressure, especially when dealing with security incidents, instilling confidence and direction in our customers.
- Drive remedial activities that are identified through a number of mechanisms such as vulnerability assessments, penetration tests and risks that have been identified.
- Utilise our SIEM tools to carry out the following tasks:
  - Monitoring and investigating the alarms that are triggered.
  - Assisting in any tuning of rules that may be needed.
  - Raising cases in LogRhythm for anything being worked on or assigned.
- Use the MDR tool (SentinelOne) to carry out investigations and respond to customer queries.
- Monitor the email policy inbox. Look for anything that indicates a virus or Trojan being detected and investigate.
- Regularly check the virus control inbox for any emails sent in by users. These are emails they have reported to be spam or malicious and need investigating to see if anyone else has received them.
- Using NetWitness to carry out further investigation into any traffic on the network. Used in conjunction with email or LogRhythm investigations, as well as any other investigations that are being carried out.
- Using FireEye to monitor whether any malicious files have been detected coming into the network. Used to gather information to search NetWitness for details.
- Using Darktrace to detect emerging threats in real time, and managing cyber-threats across Cloud, email, IoT, SaaS etc.
- Utilising MessageLabs and IronPort, solutions that monitor emails in and out of the network and are capable of dropping emails based on rule or pattern matching. Emails flow through both of these solutions, and the products can be used to track how far an email got, whether it was blocked, or whether it got through and to whom.
- Perform regular pro-active monitoring for security alerts relating to network security implementations.
- Perform regular pro-active threat intelligence monitoring and research of social media in relation to current threats against the organisation.
- Support innovation and continual improvement for the service and the wider IT and IS operations.
- To be eligible for this role, we are looking for candidates with the following experience:
- Experience in LogRhythm or a similar SIEM tool
- Experience of using tools such as NetWitness, FireEye, Darktrace, MessageLabs and IronPort in an integrated way to gain a deeper understanding of a security incident and to aid security investigations.
- Willingness to travel to customer site in Stevenage and be part of a customer security team on a periodic basis.
- Eligible for UK Security Clearance.
- Ability to track complex remedial activities from multiple sources and provide updates to customers in a user centric way.
- Ability to clearly articulate cyber security risks against business outcomes and provide advice on the remedial actions that should be undertaken.
- Used to managing and collaborating with multiple team members and reporting progress to customers.
- Experience in managing security incidents on behalf of customers
- Experience in working with Security Operations Centres (SOCs) to resolve security incidents
- Able to present information to customers in a clear and effective manner
- Minimum of 18 months security operations centre experience
- Relevant security certification in GIAC Information Security Fundamentals or equivalent experience.
- CompTIA Security+ or equivalent experience.
- Here, you can expect to be working at the forefront of our telecommunications technology landscape, on projects key to our success, delivering innovative solutions on a scale you won’t find elsewhere.
- We’re committed to building a diverse and inclusive workforce in all its forms. We encourage applicants from diverse gender, cultural and linguistic backgrounds and applicants who may be living with a disability. We also offer flexibility in all our roles, to ensure everyone can participate.
- To learn more about how we support our people, including accessibility adjustments we can provide you through the recruitment process, visit tel.st/thrive.