Cyber Threat Hunting Manager

  • Job Reference: R-00150514
  • Date Posted: 12 May 2022
  • Employer: RBS
  • Website: http://www.jobs.rbs.com
  • Location: Edinburgh
  • Salary: On Application
  • Sector: I.T. & Communications
  • Job Type: Full Time

Job Description

Join us as a Cyber Threat Hunting Manager

  • You'll be responsible for the proactive detection and analysis of cyber threats, working closely with the Security Operations Centre and Threat Intelligence teams to drive action and remediation
  • This is an opportunity to take on a technical role and make a tangible impact on our Security function
  • Hone your existing technical skills and advance your career, and benefit from valuable exposure as you build and maintain a wide network of stakeholders of varying seniority

What you'll do

Working within the wider Cyber Defence and Security Response function, you’ll be on the front line for protecting our services. As a technical subject matter expert, your role will include researching cyber adversaries and their tooling and tactics, performing threat hunting and developing new detection capabilities. 

In addition, you’ll be deeply involved in red and purple team activities and aid in the evaluation of new and emerging technologies or capabilities in a fast-paced environment.

You’ll also:

  • Undertake ongoing threat hunting and evolve our capabilities in line with the changing threat landscape
  • Perform holistic analysis of security data to identify threats or control weaknesses, provide subject matter expert knowledge to current events and incidents and make recommendations for mitigation
  • Support and develop our custom hunting toolsets and dashboards
  • Implement new capabilities and use cases utilising all available data sets and tooling to maximise our investment
  • Develop an approach and capability to further perform threat hunting across common cloud environments
  • Lead project teams to implement new capabilities aimed at improving our defences
  • Create and maintain documentation in line with the bank’s standards

The skills you'll need

To succeed in this role, you’ll need strong security knowledge, ideally with hands-on technical experience of operating security detection capabilities such as Splunk, EDR technologies and Microsoft Defender products, as well as knowledge of threat hunting methodologies.

In addition, you’ll need excellent communication skills, both written and verbal, and the ability to translate complex technical concepts clearly to your peers and management level colleagues. And although financial experience isn’t essential, you’ll ideally have experience of working in a large complex organisation.

You’ll also need:

  • Experience of working in a product or platform owner role, with the ability to define and drive product roadmaps and to deliver complex technical solutions to agreed deadlines
  • Proven experience in cloud environments and technologies, specifically in AWS, GCP or Azure
  • Experience of leading or consulting on projects to provide technical subject matter expert input, coupled with strong organisational skills
  • Good collaboration and stakeholder management skills