Cyber Incident Response Lead
- Legal & Compliance
- Permanent
- Home
- Full Time
- Ruddington
As a member of Experian's Global Security Office (EGSO) / Cyber Fusion Center (CFC) you will respond, contain, escalate, investigate, and coordinate mitigation of security events relative to anomalies detected and escalated by the Cyber Fusion Centre (CFC) according to Experian's Incident Response Plan. This team member will join a new, growing team of specialized, advanced responders to support escalations of complex or prioritized matters from Experian's existing 24x7 security monitoring and response functions responsible for responding to and analysing security incidents involving threats targeting Experian information assets.
These threats may include phishing, malware, network attacks, suspicious activity. Also, you will involve working with end-users, partners, technical support teams, and management to ensure remediation and recovery from these threats. Use analytics & data collected from endpoints, environmental logging, and a variety of other sources to maximise containment and eradication of threats, while expediting recovery of the business.
Please note you will have a regular Monday – Friday schedule and expectation to participate in on-call schedule or work outside of normal work hours to manage cybersecurity incidents.
You will report to the CFC Senior Director of Incident Management and Security Operations.
Main Responsibilities include:-
- Conduct advanced incident response activities to investigate and contain complex and larger-scale cybersecurity matters (such as potential major severity incidents)
- In the event of investigative matters requiring additional analytical support from teams such as Forensics and Cyber Threat Hunt workstreams across the teams and hold responsibility for expressing the CFC's overall understanding of the timeline of attacker activity so that appropriate containment and remediation actions can be coordinated
- Respond to Security to cyber security events and alerts associated to threats, intrusions, and compromises per any applicable SLOs.
- Manage multiple cases related to security incidents throughout the incident response lifecycle; including Analysis, Containment, Eradication, Recovery, and Lessons Learned.
- Maintain case documentation, including notes, analysis findings, containment steps, and cause for each assigned security incident.
- Maintain an understanding of common Operating Systems (Windows, Linux, Mac OS), Security Technologies (Anti-Virus, Intrusion Prevention), and Networking (Firewalls, Proxies)
- Interpret device and application logs from a variety of sources (e.g. Firewalls, Proxies, Web Servers, System Logs, Splunk, Packet Captures) to identify cause and determine next steps for containment, eradication, and recovery.
- Provide Advanced Support to analysts (Logs review, IP Block question). Mentor other analysts (process question, tool usage)
Internal Grade D
Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realise their financial goals and help them save time and money.
We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland.
Find out what its like to work for Experian by clicking here
- Must have knowledge of network protocols (TCP/IP, UDP, ICMP), standard protocols (HTTP/S, DNS, SSH, SMTP, SMB), wireless networking, networking infrastructure, and network topologies (DMZ, VPN, WAN) and network technologies (WAF, IPS, Routers, Firewalls)
- Experience with commercial & opensource SIEMs, full packet capture tools, and network analysis tools (Splunk, Wireshark, SOF-ELK)
- Have a demonstrated knowledge of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs).
- Exhibit skills using common Incident Response and Security Monitoring applications such as SIEM (Splunk), EDR (FireEye HX, CrowdStrike Falcon, McAfee mVision EDR.), WAF, IPS
Benefits package includes:
- Flexible work environment, working hybrid or in the office if you prefer.
- Great compensation package and discretionary bonus plan
- Core benefits include pension, bupa healthcare, sharesave scheme and more
- 25 days annual leave with 8 bank holidays and 3 volunteering days. You can purchase additional annual leave.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.
Find out what its like to work for Experian by clicking here
#LI-Remote
Experian Careers - Creating a better tomorrow together
Find out what its like to work for Experian by clicking here
Explore Experian's award winning 'people first' culture.
Being part of Experian is exciting. Every day brings new challenges, new opportunities, new ways for us to do what we do best: using our innovative technologies and data to work in new and surprising ways. All brought together in a single thought: Discover the Unexpected.
Learn moreRecommended Jobs
Salary
Location
Cyberjaya, Malaysia
Experience Level
Executive
Employment
Permanent
Location
Cyberjaya
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Experian
Remote working available
No
Description
In this role, you will be responsible for designing, developing, testing, and maintaining high-quality applications across multiple platforms. You will work closely with Product Owners, Technical Lead
Reference
f82d906d-176e-48dd-ab6c-3865b1c49984
Expiry Date
01/01/0001
Salary
Location
São Paulo, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Sao Paulo
Role Type
Hybrid
Schedule
Full Time
Department
Legal & Compliance
Brand
Serasa Experian
Remote working available
No
Description
Job description Esta posição é responsável por supervisionar todas as atividades em andamento relacionadas ao desenvolvimento, implementação, manutenção e adesão às políticas e procedimentos globais q
Reference
c76cf7cc-53cd-4d03-bdef-4b5da828a041
Expiry Date
01/01/0001
Salary
Location
Blumenau, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Blumenau
Role Type
Hybrid
Schedule
Full Time
Department
Sales & Business Development
Brand
PagueVeloz
Remote working available
No
Description
Atuar de forma analítica, estratégica e proativa na operação da PagueVeloz, promovendo a melhoria contínua dos processos, utilizando dados para gerar insights e apoiar a tomada de decisões. Ser referê
Reference
a58f0171-40d2-4930-8723-899172d30e75
Expiry Date
01/01/0001
Salary
Location
Bogotá, Colombia
Experience Level
Not Applicable
Employment
Permanent
Location
Bogota
Role Type
Hybrid
Schedule
Full Time
Department
Analytics
Brand
Experian
Remote working available
No
Description
Propósito del cargo:Apoyar en la generación de insights a partir del análisis y transformación de datos, identificando patrones y oportunidades de mejora para convertirlos en recomendaciones accionabl
Reference
961fb9a3-3012-4787-aff2-aa7ef3659868
Expiry Date
01/01/0001
Salary
Location
Recife, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Recife
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Serasa Experian
Remote working available
No
Description
Documentar, otimizar e manter especificações, componentes, código-fonte, módulos e recursos das funcionalidades desenvolvidas. Code Review de demais integrantes da squad, reforçando a importância da q
Reference
626ad410-6f06-4312-b18d-71cd5890534a
Expiry Date
01/01/0001
Salary
Location
Hyderabad, India
Experience Level
Not Applicable
Employment
Permanent
Location
Hyderabad
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Experian
Remote working available
No
Description
About the Role:Experian is looking for an experienced Scrum Master to join our dynamic team. You will facilitate Agile ceremonies, remove impediments, and support Scrum teams while also handling light
Reference
96a35f61-1978-469f-bd2d-cf8aa27aa9df
Expiry Date
01/01/0001
Salary
Location
São Paulo, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Sao Paulo
Role Type
Hybrid
Schedule
Full Time
Department
Data Management
Brand
Serasa Experian
Remote working available
No
Description
Nossa área está no escopo da ISO-9001, com processos descritos e bem definidos, e estamos em busca de pessoas dispostas a aprender as regras de negócio, ferramentas utilizadas e capacidade de articula
Reference
5921c791-971b-4bfd-af60-6dc5fc6b1f86
Expiry Date
01/01/0001
Salary
Location
Hyderabad, India
Experience Level
Not Applicable
Employment
Permanent
Location
Hyderabad
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Experian
Remote working available
No
Description
We are looking for a experienced Azure Cloud DevOps Engineer to join our team. You have a strong background in DevOps practices, cloud solutions, and network engineering in Microsoft Azure. Your role
Reference
44b87338-6d03-4e19-b0ba-2a3c6a935976
Expiry Date
01/01/0001
Salary
Location
Sofia, Bulgaria
Experience Level
Mid-Senior Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Experian
Remote working available
No
Description
As a Digital Analytics Specialist, you will help guide data-driven decision-making within our global platform and product teams.Reporting into Senior UX Researcher your primary responsibility will be
Reference
dfdb6f47-4830-4b0b-ad13-4e2265708d70
Expiry Date
01/01/0001
Salary
Location
Sofia, Bulgaria
Experience Level
Mid-Senior Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Experian
Remote working available
No
Description
We are looking for Senior Software Engineer with Java to join PowerCurve Collections Software Engineering Group. PowerCurve® Collections is our debt management system that enables our clients to maxi
Reference
537303d1-38da-4e37-a172-94dd9f5334ea
Expiry Date
01/01/0001
Salary
Location
Sofia, Bulgaria
Experience Level
Mid-Senior Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Finance
Brand
Experian
Remote working available
No
Description
As a Junior Financial Analyst you will provide support to the assigned region across management and general accounting, financial analysis, reporting, forecasting and the conversion of data into manag
Reference
9499bef8-cb4f-4e99-9024-d2f90bd5d6bc
Expiry Date
01/01/0001
Salary
Location
Sofia, Bulgaria
Experience Level
Mid-Senior Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Legal & Compliance
Brand
Experian
Remote working available
No
Description
Reporting to the Senior Controls Testing Manager, the Global ICFR Testing Manager will drive the testing methodology, including the risk assessment, planning and execution of assurance activity over c
Reference
56648468-f5be-4721-883b-5ed9efa971fb
Expiry Date
01/01/0001
Salary
Location
São Paulo, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Sao Paulo
Role Type
Hub
Schedule
Full Time
Department
Sales & Business Development
Brand
Serasa Experian
Remote working available
No
Description
Área: PMESubárea: Inside SalesResumo da função: Este profissional realizará vendas de produtos digitais via canais de voz e digitais, prospectará novos clientes B2B (empresas), apresentará soluções d
Reference
ceaee15c-e815-43aa-ae54-b659917c8bac
Expiry Date
01/01/0001
Salary
Location
Cyberjaya, Malaysia
Experience Level
Internship
Employment
Contract
Location
Cyberjaya
Role Type
Hybrid
Schedule
Full Time
Department
Human Resources
Brand
Experian
Remote working available
No
Description
What you’ll need to bring to the roleIdentifying improvements and document stakeholder needs and business requirementsResearch, analyse and interpret complex information to support the redesign of an
Reference
cb09156e-74d9-45e3-b5a2-4b5c7f83e698
Expiry Date
01/01/0001
Salary
Location
Nottingham, England
Experience Level
Not Applicable
Employment
Permanent
Location
Nottingham
Role Type
Hybrid
Schedule
Full Time
Department
Legal & Compliance
Brand
Experian
Remote working available
No
Description
The Group Risk Operational Risk Manager is an important role within the Operational Risk team which forms part of the wider Group Risk Function.Reporting into our Global Head of Operational Risk, you
Reference
ba03a05a-7f66-4e3b-ab7f-3cee3f6586f7
Expiry Date
01/01/0001
Salary
Location
London, England
Experience Level
Not Applicable
Employment
Permanent
Location
London
Role Type
Home
Schedule
Full Time
Department
Sales & Business Development
Brand
Experian
Remote working available
No
Description
Experian's B2B Go-To-Market function is looking for a Pre-Sales Consultant with deep expertise in Know Your Business (KYB), Perpetual KYB (pKYB) and KYC and Financial Crime data solutions to support o
Reference
4029f226-849a-4818-ad9d-a922a7babd72
Expiry Date
01/01/0001