Lead Security Analyst

Lisburn, United Kingdom

Camlin

We provide innovative and intelligent monitoring products and services that help make electricity and rail networks safer, more efficient and sustainable.


Company Description:

Camlin is a global technology leader that operates with the vision of bringing revolutionary products to life for a wide range of industries, including power and rail, and also has interests in a number of R&D projects in a variety of scientific sectors.

At Camlin we believe in high quality engineering and design, allowing us to develop market leading products and services. In short, we love creating value for our customers by solving difficult problems. As of today, the Camlin operation spans over 20 countries across the globe.

Camlin Group is looking for Information Security Professionals to join its Security Team at its Lisburn office. The successful applicant can expect to join a growing team and will report to the Information Security Officer. While being able to work closely with others, he or she will also need to demonstrate the ability to work independently. 

Role and Responsibilities:

  • The candidate for this position will become part of the Information Security Team.

  • Ensure proper monitoring and response plans are in place for corporate (Fortinet) and customer (AWS) environments to enable the timely and effective response to, and management of, incidents, alarms, notifications, calls, and other activities related to the NSOC and new cyber threats. 

  • Lead the vulnerability management process to ensure that vulnerabilities are detected, escalated, and remediated for both the customer and corporate environments. 

  • Lead the Threat Intelligence process, document and report out to key stakeholders. 

  • Work with Engineering, DevSecOps, Software and IT teams in relation to identifying and patching vulnerabilities. 

  • Develop processes, procedures and playbooks to improve the operational effectiveness and efficiency of the vulnerability management process. 

  • Analyse lessons learned and produce thorough documentation on complex incidents focussing on the improvements that can be made to processes, playbooks, and tooling. 

  • Define and implement the NSOC roadmap and monitoring strategy. 

Essential Requirements include:

  • At least 5 years of practical experience leading a team of security analysts.  

  • Can operate in a fast-paced, global security operations environment. Be diligent, with great attention to detail, and able to cope successfully under pressure and with shifting priorities.  

  • Proven ability to work independently on resolving complex issues, assisted by the Information Security Manager, IT and DevSecOps. 

  • Excellent experience with the Threat Landscape, Threat Hunting, Adversary Methodologies, Cyber Defence and the MITRE ATT&CK framework.

  • Significant previous experience working in a lead role in one of the following security areas: NSOC Analyst, Threat Analyst with the ability to create new operational guidelines, processes, and procedures.  

  • Experience with tools such as Fortinet Suite, AWS SecurityHub, AWS Inspector, FortiAnalyzer, DataDog or similar.

  • Able to script in Python to deal with OS, files, and security operations requirements.

  • Good knowledge of Linux and Windows OS vulnerabilities. 

  • Good knowledge of vulnerabilities in 3rd party libraries used in software development. 

Desired Requirements include:

  • Working knowledge of ISO 27001:2013/2022, GDPR, Cyber Essentials & Cyber Essentials Plus. 

  • Experience of network/switch/firewall management & configuration. 

  • Advanced understanding and demonstrable experience of networking principles, IT architecture and security architecture. 

  • Shift management: Managing shifts and team in a 24/7 SOC environment. 

  • GitHub or GitLab account to show previous work and tools development. 

Personal Attributes:

  • A good team player capable of delivering results under pressure and to strict deadlines. 

  • Excellent communication and documentation skills. 

  • Organised and willing to document and drive process and procedure. 

  • A positive, "can do", enthusiastic attitude towards addressing the technical challenges facing Camlin Group. 

  • Conscientious individual demonstrating attention to detail along with high levels of ownership and commitment.  

  • Motivation to create high quality products and systems and learn new skills. 

Nice to have:

  • Participated in bug bounty programs. 

  • Have a public CTF record.

  • Have a public blog.

  • Contributed to the Open-Source community. 

  • Knowledge of Digital Forensics.


Tags: AWS CTF DevSecOps Firewalls Forensics GDPR GitHub GitLab ISO 27001 Linux Monitoring Python R&D SOC Strategy Threat intelligence Vulnerabilities Vulnerability management Windows

Region: Europe
Country: United Kingdom
