Job Description

Calling all Cyber Security enthusiasts! As technology becomes more advanced so do cyber-attacks. Do not wait to apply after reading this description a high application volume is expected for this opportunity. Bright Purple are working with one of the UKs leading financial service providers who recognise this and are fighting back by having experts like yourself in their corner. We are looking for a well-rounded Cyber Security Specialist to develop new, stronger, and robust capabilities to protect their cust... .

Quick response

Required Knowledge

• K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
• K0004   Knowledge of cybersecurity and privacy principles.
• K0005   Knowledge of cyber threats an`d vulnerabilities.
• K0007   Knowledge of authentication, authorization, and access control methods.
• K0013   Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
• K0033   Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
• K0046   Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
• K0056   Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
• K0058   Knowledge of network traffic analysis methods.
• K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
• K0104   Knowledge of Virtual Private Network (VPN) security.
• K0111   Knowledge of network tools (e.g., ping, traceroute, nslookup)
• K0116   Knowledge of file extensions (e.g., .dll, .bat, .zip, .pcap, .gzip).
• K0160   Knowledge of the common attack vectors on the network layer.
• K0177   Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
• K0221   Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
• K0260   Knowledge of Personally Identifiable Information (PII) data security standards.
• K0324   Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
• K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Required Skills

• S0025   Skill in detecting host and network based intrusions via intrusion detection technologies (e.g., Snort).
• S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
• S0054   Skill in using incident handling methodologies.
• S0147   Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).

Required Abilities

• A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• A0128  Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
• A0159  Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).