Senior Advanced Cyber Unit Analyst

February 24, 2024

Job Description


Job title: Senior Advanced Cyber Unit Analyst

Company: Rolls-Royce

Job description:


Full time

Bristol / Hybrid

Why Rolls-Royce?

An exciting opportunity has arisen for a Senior Advanced Cyber Unit Analyst to join the Rolls-Royce Advanced Cyber Unit (ACU).

Rolls-Royce is a world-leading provider of power systems and services for use on land, at sea and in the air. Rolls-Royce creates integrated power solutions and innovative technologies that keep its customers one step ahead of an ever-changing world.

It continues to invest in core technologies, products, people, and capabilities with the objective of broadening and strengthening the product portfolio, improving efficiency, and enhancing the environmental performance of its products. Rolls-Royce is one of the most technologically advanced organisations in the world.

Data is the lifeblood of the company and IT is critical to everything it does.

The Rolls-Royce Advanced Cyber Unit is tasked with identifying threat actors attacking (or planning to attack) the organisation and quelling the problem at the earliest possible juncture. They are tasked with ensuring that future attacks from the same threat agent are unsuccessful. The team’s remit is the detection, disruption and eradication of threat actors from Rolls-Royce by:

  • Identifying who has attacked / is about to attack the organisation. This involves evaluating threat intelligence, evaluating threats and vulnerabilities, and generating hypotheses.
  • Understanding threat actors’ modus operandi by evaluating how they work and what tools / technologies they use.
  • Carrying out regular structured, unstructured, and situational threat hunt activities.
  • Interpreting technical findings to influence cyber defence tooling, configurations, and strategies.
  • Supporting specialised technical analysis on large data sets for incident response engagements across all geographic regions.

As an ACU Analyst, you will report to the UK Head of Advanced Cyber Unit and will work as part of the wider IT Security team. You will work alongside and in conjunction with a global set of Cyber-Security Operations Centres (SOCs). You will be part of a niche team of hunt specialists whose job is to reduce the risk of cyber threats to the organisation. This is to be achieved through:

  • Evaluation and correlation of multiple intelligence sources to gain a deeper understanding of the cyber threat landscape facing Rolls-Royce.
  • Deriving new conclusions that can’t be gained from evaluating intelligence without industry and organisation contextualisation.
  • Regular undertaking of a set of manual evaluation tasks to identify unusual or suspicious activity.
  • Development of automated approaches to technical analytical tasks to streamline threat hunting processes.

Analysts are required to understand the enterprise threat landscape in which Rolls-Royce operates and threat intelligence gathered from enterprise security tooling.

They are required to undertake intelligence evaluation to identify threats, quantify vulnerabilities and reduce risk to Rolls-Royce. The incumbent is responsible for the timely review of cyber security incidents generated by security devices and logs, assessment of the situation and reporting incident management to aid successful resolution.

Analysts are trained to understand the threat landscape in which Rolls-Royce operates and how to interpret threat intelligence gathered from enterprise security tooling. They are required to undertake intelligence evaluation to identify threats, quantify vulnerabilities and reduce risk to Rolls-Royce.

Incumbents are responsible for the timely review of cyber security incidents generated by security devices and logs, assessment of the situation and management of incidents to successful resolution. In all cases, incumbents are required to respond to events using appropriate tools and procedures. Analysts are trained to have the technical dexterity to choose the right tool for the job and to understand how to use it effectively across a range of security scenarios.

Work with us and we’ll welcome you into an inclusive culture, one that invests in your continuous learning and development, and gives you access to a wide breadth and depth of experience.

We offer excellent development, a competitive salary and remarkable benefits. These include bonus, employee support assistance and employee discounts.

Your needs are as unique as you are. Hybrid working is a way in which our people can balance their time between the office, home or another remote location. It’s a locally guided and flexed informal discretionary arrangement. As a minimum we’re all expected to attend the workplace for collaboration and other specific reasons, on average three days per week.

What you will be doing:

  • Utilising a variety of intelligence sources to maintain a good awareness and understanding of the current threat landscape.
  • Identifying Threat Actors operating in relevant industry sectors in which the business offers products and services.
  • Dissecting relevant operational intelligence to understand the threat to the Rolls-Royce business.
  • Coordinating structured, unstructured, and situational or entity-driven Threat Hunts across multiple multi-layered environments.
  • Supporting the operational security teams during major cyber incidents to ensure full effective resolution.
  • Generation of Threat Hunt and Threat Reports for internal consumption and reporting.
  • Creating comprehensive security assessments which articulate security issues, analysis and remediation techniques.
  • Participating in Cyber Awareness activities.
  • Continuously seeking to identify potential service / tool improvements which will enhance the delivered services.
  • Conducting research on emerging security threats and potential customer impact.

Who we are looking for:

At Rolls-Royce we embrace agility, are bold, pursue collaboration and seek simplicity in everything we do. These form our values and behaviours, are an essential component of our assessment process, and are fundamental qualities that we seek for all roles.

  • Bachelor’s degree in business, computer science, or information technology OR 2+ years of information technology security experience.
  • A passion for IT, cyber security, learning and knowledge sharing combined with an analytical and curious mind-set to carry out investigations.
  • An understanding of cyber security and detection techniques.
  • Experience of network anomaly detection using traffic analysis or network intrusion detection systems.
  • A basic understanding of the cyber kill chain in relation to Advanced Persistent Threats (APTs).
  • Some understanding of threat actor tactics, techniques and procedures, vulnerabilities, attacks and countermeasures.
  • Experience of presenting on cyber security issues.
  • A flexible approach to working given the reactive nature of incident response. Evening and weekend working may be required during periods of major activity.
  • Should be a UK citizen and able to obtain security clearance. This role is subject to Full UK Security Clearance.

We are an equal opportunities employer. We’re committed to developing a diverse team and an inclusive working environment. We believe that people from different backgrounds and cultures give us different perspectives. And the more perspectives we have, the more successful we’ll be. By building a culture of respect and appreciation, we give everyone who works here the opportunity to realise their full potential.

We welcome applications from people with a refugee background.

You can learn more about our global Inclusion strategy at Our people | Rolls-Royce

Closing date: 29th February 2024

Job Category

Information Technology

Posting Date

15 Feb 2024; 00:02

Expected salary:

Location: Filton, Gloucestershire – Bristol Area
