Security Consultant - MDR

Overview

Security Consultant - MDR

This company is an Industry Leader in Cybersecurity services and solutions. They are also CREST Accredited for the provision of Penetration Testing (Pentest) services.

This is a technical lead position inside the Managed Detection & Response service. In this role, you will lead intricate investigations, working directly with customers to assist them in investigating and responding to security incidents. As a senior team member, you will mentor less experienced analysts and drive continuous improvement in our detection and response capabilities. This position requires a strong foundation in cybersecurity operations, a deep understanding of various security solutions commonly deployed in enterprise environments (such as SIEM and XDR), and the ability to train others and develop complex processes and procedures to increase service efficiency.

Responsibilities

• Lead triage and full lifecycle investigation of high-severity security incidents (endpoint, network, cloud).
• Coordinate responders, perform containment / remediation decisions, drive post-incident RCA and lessons learned.
• Design, implement, test and tune detections across EDR, NDR, SIEM, and cloud logs; map detections to MITRE ATT&CK.
• Create and maintain playbooks / runbooks and SOAR automations to reduce MTTR and analyst load.
• Develop and maintain detection coverage metrics and SLAs; own escalations and communication with customers for incidents.
• Mentor and train Tier 1 / 2 analysts; conduct quality reviews of investigations and escalate when appropriate.
• Contribute to the development, documentation, analysis, testing, and modification of threat detection systems and playbooks.
• Provide feedback on gaps or improvements needed in processes, documentation, or technology.
• Maintain an up-to-date knowledge of threat actor techniques and tools and share insights and best practices with the broader team, championing a culture of continuous learning.

Requirements

#J-18808-Ljbffr