Senior Incident Response Analyst
TransUnion UK provides the data, analytics and software that enable businesses to build more valuable customer relationships.
We specialise in managing consumer data for businesses across every sector. We focus on developing innovative products and services that help businesses make smarter and more informed decisions throughout the customer lifecycle.
We’re TransUnion and we believe in Information for Good
About the Role:
This role is a senior member of the TransUnion Global Incident Response Team focused on helping command incident response activities across multiple global offices, working with teams to reduce and control the attack surface of a large multinational company. This role will be primarily engaged in hunting and research activities when not leading response efforts to complex attacks against TransUnion.
- Execute incident response processes to respond to security threats and attacks.
- Proactive threat hunting activities leveraging intelligence from multiple internal and external sources.
- Help create detection mechanisms and rules based on investigations that are owned by Incident Response.
- Assist in the design, evaluation, and implementation of new security technologies focused on deception technologies, cloud and containerized environments.
- Conduct IR tabletops and blue team scenarios globally to test the organisation’s security posture
- Global travel will be required from time to time
- Extensive experience in several cyber security disciplines
- Experience identifying, investigating, and responding to complex attacks
- Experience with investigative technologies such as SIEM, packet capture analysis, host forensics and memory analysis tools.
- Strong understanding of the threat landscape in terms of the tactics, techniques and procedures of threat actors employing both commodity and custom malware
- Understanding of networking and security fundamentals and administration of Windows, Unix/Linux, and Macintosh
- Incident Response experience at scale, including the use of automation, scripting manual responses when needed, and API usage.
- Help conduct IR tabletop exercises and blue team scenarios globally.
We’d love to see:
- Experience with containerised environments, such as Docker and Kubernetes.
- Knowledge of one or more programming and scripting languages.
- Experience with protecting and responding to incidents within the open source security stack.
- Conducted your own research into emerging technologies, and maybe published a blog or two!
- Have the ability not only to use enterprise tools to accomplish the objectives, but also to achieve the same outcomes using other means, including manual investigations.
What’s in it for you?
At TransUnion you will be joining a friendly, forward thinking global business.
As well as a competitive salary, our benefits package includes 26 days’ annual leave (plus bank holidays), a generous contributory pension scheme, private health care and a host of other employee lifestyle benefits.
We take Corporate Social Responsibility seriously; our TU Good Works scheme supports communities around the world by advancing financial inclusion and education.
Remote Interview & Hiring Process
Protecting the health and wellness of our colleagues and candidates considering a career at TransUnion is our highest priority. Our recruitment and on-boarding experience for this role is fully virtual for the time being. Candidates interviewing will get to know our team over the phone and video, and this role will operate virtually upon hire until we return to the office. Even though we're not physically together right now, our goal is to provide you a supportive candidate and on-boarding experience that will immerse you in our culture and set you up for success at TransUnion.
You may have experience of the following: Senior Incident Response Analyst, Incident Response Analyst, IT Major Incident Analyst, IT Security Incident Manager, Incident & Problem Analyst, Cyber Incident Response Analyst, Incident Management Analyst, Cyber Security Incident Advisor, CISM, CISA, CISSP, IT Security Analyst, IT Security Lead, etc.