Head of Cyber Threat Intelligence and Investigations

Pearson,
London, Greater London

Overview

We're looking for a candidate to fill this position in an exciting company.

- Lead and manage a global team of specialists.
- Accountable for defining, implementing and running the global cyber security threat and investigations strategy and operating model.
- Setting the global CSTI framework, standards and procedures.
- Leading and directing the strategic and operational CSTI deliverables across the company globally.
- Demonstrate a deep understanding of digital forensic skills, techniques and tools.
- Conduct detailed analysis of systems where breaches of critical IT infrastructure may have occurred and provide root cause analysis, impact assessments and rapid response to aid detection of those responsible and make recommendations to assist prevention of similar incidents.
- Develop processes and techniques for analysis of malware and detection of direct threats to the Firm.
- Assist with the development of in-house training programs to ensure world class high-tech investigation standards.
- Preserve network and host-based digital evidence in an industry accepted forensically sound manner.
- Perform host-based digital forensics on Microsoft Windows based systems and other operating systems as necessary.
- Usage of industry standard digital forensic and network monitoring tools in an enterprise environment.
- Independently planning and executing forensic support for complex investigations and presenting clear and concise findings to a non-technical audience.
- Provide clear reporting on the company's current threat landscape.
- Implement and lead delivery and operation of the company Threat Intelligence platform.
- Manage the performance of the team by regular and consistent coaching, interim and annual reviews as well as corrective action planning and follow-up (i.e. productivity, quality, service).
- Set team objectives and provide mentorship to analysts.
- Provide training and guidance for new hires and ensure all team members follow consistent processes.
- Proactively identify process deficiencies, recommend corrective action plans, and drive implementation of solutions to enhance the company security monitoring and controls.
- Work with global teams to drive efficiencies and provide feedback.
- Experience working in the computer forensics, cybercrime investigation and other related fields.
- Experience with Threat Intelligence and Incident Response processes.
- Proficient in performing digital forensic investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools.
- Proficient in performing live forensics acquisition/analysis, log-file analysis, network forensics and using forensic techniques to perform malware analysis.
- Proficient with investigating large data compromise events as well as online banking fraud.
- Knowledge of computer forensic best practices and industry standard methodologies for investigating network threats.
- Experience working with industry standard tools (X-Ways, EnCase, Volatility, Rekall, Wireshark, SIFT etc.).
- Able to articulate and visually present complex forensic investigation and analysis results equally effectively to both industry professionals and internal business partners.
- Experience of Enterprise TIPS platform.
- Excellent written and verbal communication skills.
- Results driven, with a strong sense of accountability.
- A pro-active, motivated approach while following management direction for task completion in time.
- The ability to operate with urgency and prioritize work accordingly.
- A structured and logical approach to solving business challenges.
- Strong problem solving skills.
- A creative and innovative approach to work.
- The ability to manage workloads and tight deadlines.
- Excellent attention to detail and accuracy.
- Drive efficacy into all solutions delivered, demonstrating clear and measurable results through the development of KPIs.
- Drive innovation and best practice.
- Strive for standardisation and simplification in all aspects of work.
- Always cost conscious, balancing the needs of the business against the provision of the best solutions possible.
- Bachelor's Degree in Business, Computer Sciences, or equivalent prior work experience in a related field.
- Holder of or willing to pursue certification in an information security related field. The following are recommended: CISSP, CISM, GSEC, GIAC, GPEN.
- Industry standard digital forensics certifications (GCFA, GNFA, GCFE, CFCE, etc) are a plus.
- Industry standard information security technology certifications (GCIH, GREM, etc) are a plus.
- Memberships and participation in relevant professional associations.