Use Case Analyst
Location: United Kingdom
CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively. CyberProof is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.
We are seeking a skilled and experienced Use Case Analyst to join our onboarding team.
Description/ What will you do?
- Use Case design, threat detection logic definition & Use Case documentation
- Maintain & manage Use Case list whilst providing monthly coverage analysis
- Provide training to Customer SOC analysts on the Use Cases and the response procedures
- Create and document response procedures for each Use Case, aligned to the customer's IR process
- Develop Use Case migration planning, aligned to Use Case decision tree
- Lead content strategy and threat scenario workshops
- Create Use Case baseline and coverage mapping
- Identify areas for optimizing Use Cases and fine tune threat detection logic
- Identify data sources for Use Case development
- Alert enrichment and response automation planning
- Two or more years of experience working in Risk Management. This should include evaluating business risk using one or more well-established Risk Frameworks such as FAIR, The NIST RMF (800-37), ISO 27005, or ENISA RM/RA Framework. This may also be met by 2 or more years’ experience in the implementation of an ISMS such as ISO-27001.
- Working understanding of the tools and processes of a Security Operations Center. It is preferred to have at least 2 years working in a SOC, but this can be substituted with 5 or more years as a Solutions Architect in an MSSP or similar capacity.
- Two or more years of Penetration Testing experience or forensic investigation experience. This direct experience can be substituted with Penetration and Hacking certifications, demonstrated knowledge of hacking tools and methods, and 5 or more years as a sales engineer with an organization providing such services.
- Strong understanding of the MITRE Framework.
- Proven Business Analytic skills in customer facing roles.
- Free thinker with the ability to find creative ways to detect unwanted incidents through the evaluation of “non-standard” environmental events.
- Excellent English language communications skills both oral and written.
- Intermediate to Expert skills in Microsoft tools (Word, Excel, PowerPoint), and a confident presenter of ideas and concepts.
- Certifications including: CRISC, C|CISO, CISM, CISA, DoD RMF, GPEN, GXPN, CEH, GCIA, etc.
- Experience in managing a P&L center and basic working knowledge of business financials.