Cyber Threat Specialist
other jobs eFinancialCareers
Added before 4 Days
- England,London,City of London
- Full Time, Permanent
- Competitive salary
Job Description:
Cyber Threat Specialist (Blue Team) – Financial Services – London – Hybrid – Excellent Overall Package
The role
Join a leading financial services client as a Cyber Threat Specialist (Blue Team) and help strengthen a critical Threat Detection & Response function. You will be a key member of the Threat Detection & Response team, focusing on defensive security across complex, business-critical environments. Working closely with engineering, infrastructure and security teams, you will help design, implement and optimise high-fidelity detections, investigate incidents, and contribute to continuous improvement of cyber defences.
What you’ll be doing
*Deliver hands-on detection engineering, incident response, threat hunting, security engineering and threat intelligence activities.
*Investigate and respond to security incidents across host, identity, email, SaaS and cloud workloads.
*Use and tune security tooling such as EDR, DLP, SIEM and SOAR to improve detection and response effectiveness.
*Apply frameworks such as MITRE ATT&CK and the cyber kill chain to map, detect and disrupt attacker tradecraft.
*Leverage offensive tooling (Kali, Cobalt Strike, Metasploit, Bloodhound, Mimikatz, etc.) to understand and defend against real-world attack techniques.
*Contribute to secure architectures across networks, operating systems and cloud platforms.
What we’re looking for
*Minimum of 3 years’ hands-on experience in at least two of: detection engineering , incident response, digital forensics, security operations, threat hunting, threat intelligence, with exposure to the others.
*Strong experience with security tooling: EDR, DLP, SIEM, SOAR.
*Solid background in threat investigation and incident response.
*Good understanding of MITRE ATT&CK, cyber kill chain and common attacker tradecraft.
*Familiarity with offensive tools such as Kali, Cobalt Strike, Metasploit, Bloodhound, Mimikatz.
*Strong knowledge of networking and security protocols (TCP/IP, HTTPS, DNS, firewalls, proxies).
*Experience with Windows and Linux/Unix (Kubernetes exposure a plus).
*Scripting or programming skills in Bash, Python or PowerShell.
*Exposure to CI/CD tools and cloud platforms (e.g. Ansible Tower, Bitbucket, Pipelines, Azure).
*Understanding of secure network architectures and related technologies.
How to apply
If you’re interested and think you align with this opportunity, please apply with an updated CV.
The role
Join a leading financial services client as a Cyber Threat Specialist (Blue Team) and help strengthen a critical Threat Detection & Response function. You will be a key member of the Threat Detection & Response team, focusing on defensive security across complex, business-critical environments. Working closely with engineering, infrastructure and security teams, you will help design, implement and optimise high-fidelity detections, investigate incidents, and contribute to continuous improvement of cyber defences.
What you’ll be doing
*Deliver hands-on detection engineering, incident response, threat hunting, security engineering and threat intelligence activities.
*Investigate and respond to security incidents across host, identity, email, SaaS and cloud workloads.
*Use and tune security tooling such as EDR, DLP, SIEM and SOAR to improve detection and response effectiveness.
*Apply frameworks such as MITRE ATT&CK and the cyber kill chain to map, detect and disrupt attacker tradecraft.
*Leverage offensive tooling (Kali, Cobalt Strike, Metasploit, Bloodhound, Mimikatz, etc.) to understand and defend against real-world attack techniques.
*Contribute to secure architectures across networks, operating systems and cloud platforms.
What we’re looking for
*Minimum of 3 years’ hands-on experience in at least two of: detection engineering , incident response, digital forensics, security operations, threat hunting, threat intelligence, with exposure to the others.
*Strong experience with security tooling: EDR, DLP, SIEM, SOAR.
*Solid background in threat investigation and incident response.
*Good understanding of MITRE ATT&CK, cyber kill chain and common attacker tradecraft.
*Familiarity with offensive tools such as Kali, Cobalt Strike, Metasploit, Bloodhound, Mimikatz.
*Strong knowledge of networking and security protocols (TCP/IP, HTTPS, DNS, firewalls, proxies).
*Experience with Windows and Linux/Unix (Kubernetes exposure a plus).
*Scripting or programming skills in Bash, Python or PowerShell.
*Exposure to CI/CD tools and cloud platforms (e.g. Ansible Tower, Bitbucket, Pipelines, Azure).
*Understanding of secure network architectures and related technologies.
How to apply
If you’re interested and think you align with this opportunity, please apply with an updated CV.
Job number 3454960
Increase your exposure to recruiters with ProJobs
Thousands of recruiters are looking for you in the Job Master profile database, increase your exposure 4 times with a ProJob subscription
You can cancel your subscription at any time.