IT Security Analyst III

Location Name London, UK - 1st Floor, 106 Leadenhall Street
Date Posted
4 months ago(10/26/2020 12:41 PM)
Berkley Technology Services UK LLC
Primary Location
Information Technology

Company Details

Berkley Technology Services_Logo


Berkley Technology Services (BTS) is a dynamic company committed to providing world class IT services. We offer a unique culture, enabling our team members to be on the cutting edge of technology while delivering high quality solutions. Our functions include working with various third parties to develop, integrate, and support insurance systems of WRBC's operating units. BTS strives to provide these functions in a holistic manner including helpdesk support, system connectivity, and operational support. Additional responsibilities include coordinating communications regarding best practices in the use of our supported systems and researching new technology. BTS is constantly growing and expanding to meet the changing demands of one of the most successful insurance organizations in the world.


The Tier III Security Analyst - SME position is assigned to the Security Operations Team. The primary purpose of this position is to be force multiplier to proactively identify, investigate, respond, contain, and report on cyber incidents by using pattern recognition, data sets, communication, forensics, and analytics.  This position involves leadership duties and responsibilities that must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work.


Primary Duties & Responsibilities:

  • Demonstrated leadership in directing and conducting research efforts, including prior experience as lead Investigator.
  • Strong background in computer/network security concepts and technologies, including extensive knowledge of enterprise security operations and computer network vulnerabilities and exploits.
  • Experience writing technical reports and presenting results to leadership.
  • Identify deficiencies in security posture and develop, administer, and participate in action plans to address these gaps.
  • Facilitate effective communication between project/program stakeholders
  • Experience in managing large-sized projects/programs across multiple disciplines and/or teams.
  • Advanced-level understanding of business risk and how to properly advise a customer through critical situations
  • Strong team orientation, collaboration skills, and interpersonal skills
  • Adept at helping team members harness and develop strengths in pursuit of successful program outcomes
  • Proven problem-solving, critical thinking, and decision-making skills
  • Excellent interpersonal and communication skills, and proven ability to work effectively with all organizational levels
  • Conduct analysis of network traffic and host activity across a wide array of technologies and platforms Perform general SIEM monitoring, analysis, content development, and maintenance
  • Conduct and drive incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
  • Compile detailed investigation and analysis reports for internal SOC consumption and delivery to leadership
  • Track threat actors and associated tactics, techniques, and procedures (TTPs) by capturing intelligence on threat actor TTPs and developing countermeasures in response to threat actors
  • Analyze malicious campaigns and evaluate the effectiveness of security technologies
  • Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors
  • Conduct and provide computer forensic analysis of system memory and disk images
  • Coordinate threat hunting activities across the network, leveraging intelligence from multiple internal and external sources, as well as cutting-edge security technologies
  • Hunt for and identify threat actor groups and their techniques, tools, and processes
  • Identify gaps in IT infrastructure by mimicking an attacker's behaviors and responses
  • Provide analytic investigative support of large scale and complex security incidents
  • In depth understanding of cloud service providers (CSP) security offerings
  • Understanding of and ability to perform malware reverse engineering
  • Effective at utilizing sandbox technologies to detonate malware samples

Minimum Qualifications:  

  • Strong understanding of Lockheed Martin’s Kill Chain
  • In depth knowledge of MITRE ATT&K matrix
  • Advanced understanding of networking concepts and ability to analyze network artifacts
  • Effective communication across technical silos
  • 8-10+ years of actual work-related experience in the field of Information Security
  • Experience with SIEM solutions (preferably Splunk or similar tool) search language, techniques, alerts, dashboards, report building, and creation of automated log correlations.
  • 8-10+ years of relevant cybersecurity experience in IT Security, Incident Response, or network security with a strong knowledge working in a SOC
  • The ability to write well and convey information to the intended audience in an easily understood manner
  • A bachelor's degree in Information Systems, Network Security, Computer Science or related IT-field is required.
  • Required Splunk Fundamentals I &II Training or Certification
  • One or more relevant industry cybersecurity certifications preferred (GCIA, GCIH, GREM, CEH, etc.)


Working Conditions and Physical Requirements:

  • Ability to sit at a desk and work on a computer for extended periods of time
  • May occasionally lift and/or move up to 10 pounds.
  • Vision abilities required by this job include close vision and ability to adjust focus.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Connect With Us!

Not ready to apply? Connect with us for general consideration.