Airbus Cyber Security is a European specialist in cyber security. Our mission is to protect governments, military and essential national infrastructure enterprises from cyber threats.
We are over 700 experts based across our main locations in France, Germany and the UK, each with a Security Operating Centre. We also operate in the US and the Middle East.
We provide a global cyber defence approach that aims to protect, detect and respond to cyber threats with a portfolio including managed security services, industrial control system offerings, encryption, key management and consultancy services.
Our goal: Protect our customers and support their needs with cyber security products.
We are passionate about cyber security. If you share our passion, we want to speak with you.
Description of the job
An exciting opportunity has arisen for a 2nd Line SOC Analyst within Airbus Cyber Security in Newport, South Wales.
The role involves Threat Intelligence collection and distribution within the SOC Tooling and supporting active Threat Looking for our Clients. L2 experience in SOC or equivalent experience is assumed. There is also the opportunity to assist with, and prepare for, Incident Response and a range of Digital Forensic tasks.
The role covers our clients and requires working closely with other departments such as our clients' SPOCs, Airbus Design and Implementation Engineering, Network Operations, Service Delivery and Service Design Teams. Every day will be different and challenging.
We can offer you all of this and more…
• Exciting development opportunities and perspectives within Airbus as a global player
• An attractive company pension scheme
• Airbus Group success share scheme
• A range of additional benefits: medical, dental and vision insurance
• Flexible working hours
Tasks & accountabilities
• Assume Breach: Use behavioural analysis techniques to identify malicious activity on customer networks
• Create hypothesis-driven use cases based on known threat actor tactics, techniques and procedures to identify malicious activity on customer networks (Diamond Model)
• Maintain the Airbus UK MISP with relevant, customer specific Threat Intelligence data
• Maintain and use the Airbus CTI lab network for research of threat/malware techniques and threat emulation.
• Perform advanced log analysis on customer networks to search for evidence of latest threats and exploits
• Present and review reports to our partners
• Support the IR Coordinator by assisting in the preparations and playbooks to support Incident Response and a range of Digital Forensic tasks within the Threat, CTI and Incident Response Team.
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.
• Knowledge of multiple operating systems
• Demonstrate experience in intrusion analysis or threat intelligence disciplines
• Demonstrate experience in assessing cyber threat intelligence and producing positive, relevant output
• Wireshark Packet Analysis
• SANS 508: Advanced Incident Response, Threat Hunting and Digital Forensics
• SANS SEC578: Cyber Threat Intelligence
• SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (or equivalent)
• 5+ years’ experience in SOC or cyber security fields
Because of the nature of work undertaken, these positions are required to meet special nationality rules and therefore these vacancies are only open to sole British Citizens. If you meet these criteria, you will also undergo security clearance vetting if not already security cleared to a minimum SC level.
We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.