20 Cyber Security jobs in Ireland

Cybersecurity Team Lead Engineering & Construction Sector Dublin (Hybrid) This is a permanent role based in Dublin with a hybrid working model (23 days onsite). Youll lead a small InfoSec team while staying hands-on with tech, policy, and ISO27001 compliance. Responsibilities: Lead daily workload for a 3-person security operations team and support external MSSP coordination. Support and enhance ISO27001 processes, audits, and evidence collection. Act as first escalation point for incidents, risk assessments, and vulnerability management. Deliver ongoing cyber awareness training across the organisation. Provide regular reports to IT Security Manager and senior IT leaders. Requirements: 35 years of cybersecurity experience, ideally with some team leadership or coaching background. Strong hands-on knowledge of endpoint protection, SOC/MDR, and incident response. Good working knowledge of ISO and audit preparation. Excellent communication and stakeholder engagement skills. Degree in IT or Cyber Security, with Security+ / SSCP or similar certs preferred. If you are interested in the available position or would like more info on this and other available roles, please apply above or send an up to date CV to with Cybersecurity Team Lead Role as the heading and I will get back to you ASAP. Must have the right to work in Ireland. #LI-DS1 #CplTechnology25 #CyberSecurityJobs #ITSecurityLead #ISO27001 #SOC #MSSP #VulnerabilityManagement #IncidentResponse #SecurityAwareness #ITJobsIreland #SecurityTeamLead #CompTIA #SecurityPlus #DublinTechJobs Skills: Azure AWS ISO27001 NIST IAM

My client is looking for a Cyber Security Specialist with a minimum of 3 years experience to join their organisation based in Cork. This is a permanent role. Responsibilities: Monitor, detect, and respond to security incidents and threats across cloud and on-prem environments Perform risk assessments, vulnerability scans, and penetration testing Design and implement security protocols, firewalls, and endpoint protection strategies Collaborate with IT and DevOps teams to ensure secure development and deployment practices Ensure compliance with industry regulations Document and improve security policies and incident response procedures Skills and Experience: 3+ years of professional experience in a cybersecurity role (SOC, security analyst, engineer, or similar) Strong knowledge of network and application security best practices Experience with SIEM tools and endpoint protection platforms Proficiency in incident response, threat hunting, and log analysis Understanding of cloud security Certifications such as CISSP, CEH, CompTIA Security+ are highly desirable For more information, reach out today!

Location/Office Policy: Central Park, Hybrid (2 days a week in the office, moving to 3 days in office from Jan 2026) Are you passionate about navigating complex regulatory landscapes and ensuring compliance in a fast-paced environment? Do you have a keen eye for identifying potential risks and turning them into strategic opportunities for improvement? Are you ready to leverage your analytical skills to drive impactful decisions and contribute to our organization's success? What is the Role: The Cyber Defence & Response Coordinator will manage Cyber Defence projects and provide expertise. This role requires a background in IT, Project Management, and Governance, along with the enthusiasm to support Technology and Data teams. Responsibilities include overseeing regulatory engagements, managing Cyber Defence inspections, and assessing the impact of regulations on the function and the Bank. Key accountabilities; Manage and schedule penetration tests across various business units, aligning with operational timelines. Facilitate operational meetings to engage stakeholders, provide status updates, track dependencies, and resolve blockers for wider Cyber Security team. Ensure all key stakeholders are kept informed of testing progress, outstanding risks, and upcoming testing activities. Monitor changes in cyber security regulations such as DORA, NYDFS, and especially requirements around TLPT (Threat-Led Penetration Testing). Communicate regulatory changes effectively across relevant teams to ensure continued compliance. Maintain accurate tracking of all penetration test requests, execution plans, and remediation status using project tracking. Create and update high-quality slide decks and reporting packs for governance forums, steering committees, and senior leadership reviews. Drive continuous improvement in security testing processes, communication workflows, and stakeholder engagement practices. Leverage existing tooling and dashboards to support metrics, reporting, and governance visibility. What you Will Bring ; Experience in managing cyber security or IT risk projects, ideally within a regulated sector such as banking or insurance. Strong understanding of penetration testing, red teaming, and threat-led penetration testing processes. Familiarity with key regulations including DORA, NYDFS, and TLPT frameworks. Ability to communicate effectively with both technical and non-technical stakeholders. Proven ability to create professional reports and slide decks for senior stakeholders. Strong organizational skills with attention to detail and ability to manage multiple tasks concurrently. Proficiency in tools like MS PowerPoint, Excel, Jira, Confluence, or similar project tracking systems. Project Management certification (e.g., PMP, Prince2) preferred but not mandatory. Cybersecurity certifications are advantageous but not mandatory. Why Work for AIB: We are committed to offering our colleagues choice and flexibility in how we work and live and our hybrid working model enables our people to balance their time between working from home and their designated office, subject to their role, the needs of our customers and business requirements. Some of our benefits include; Market leading Pension Scheme Healthcare Scheme Variable Pay Employee Assistance Programme Family leave options Two volunteer days per year Please click here for further information about AIB's PACT - Our Commitment to You. Key Capabilities Ensures Accountability Drives Organisational Cohesion Instils Trust Operational Excellence Depth of Technical Knowledge Technical Leadership If you are not sure about your suitability based on any aspects of the role advertised, we encourage you to please contact the Recruiter for this role, Tim Stokes, at for a conversation. AIB is an equal opportunities employer, and we pride ourselves on being the first bank in Ireland to receive the Investors in Diversity Gold Standard accreditation from the Irish Centre for Diversity. We are committed to providing reasonable accommodations for applicants and employees. Should you have a reasonable accommodation request please email the Talent Acquisition team at Disclaimer: Unsolicited CV's sent to AIB by Recruitment Agencies will not be accepted for this position. AIB operates a direct sourcing model and where agency assistance is required, the Talent Acquisition team will engage directly with our recruitment partners. Application deadline : 31/07/2025 To be considered for this role you will be redirected to and must complete the application process on our careers page. To start the process, click the Apply button below to Login/Register.

**Lead Cyber Security AI Engineer**
**Innovate to solve the world's most important challenges**
Honeywell's Global Security (HGS) and Buildings Automation (BA) lead and influence a dynamic collective of professionals dedicated to refining product development through innovative engineering, strategic component selection, and establishing industry-leading cybersecurity through AI.
You will be part of Honeywell's BA team with the AI Cyber Center of Excellence and driving cybersecurity architecture in AI/ML/GEN-AI with a focus on Engineering solutions for endpoint, mobile, cloud, and standalone products. You will be first a risk and cybersecurity professionals with deep practical experience in testing, designing architecture, and product innovations with AI/ML/GEN-AI.
You will be responsible to develop the definition of good through hands on cyber testing, architecture design. In addition you will work with the CPSO of BA to develop an Engineering Gen AI strategy & roadmap; perform market research; partner with strategic vendors and incubate new technologies, ideas and techniques that will ensure BA and Honeywell are able to leverage the latest and the best in the industry; and continues to be cybersecure. You will also need to leverage existing Honeywell Technology ecosystem; Experts, CoPs and other Tech Forums to ensure adoption of best practices & ideas
**KEY RESPONSIBILITIES:**
+ Drive Honeywell COE Gen AI strategy. Establish current and future state landscape & roadmap with deep consideration of security, safety, and integrity of services.
+ Provide Subject Matter Expertise on Generative AI adoption and Impactful deployment for cybersecurity for internal architecture, third party integration, and custom models.
+ Collaborate with IT, Technical teams, Business SMEs for defining architectural cyber frameworks, common standards and solutions for product engineering
+ Work closely with researchers, developers, and data scientists to implement and optimize AI/ML models in production environments.
+ Perform Market Research to identify new opportunities, ideas and technology trends for adoption. Collaborate with Vendors and Industry leaders to accelerate adoption of latest technology trends and ideas that have strong business impact
+ Engage with Chiefs, Fellows, other Tech talents and Tech forums to bring alignment of Cyber across SBGs of engineering and IT and maximize cross leverage of best practices/ideas
+ Leverage existing BA and Honeywell ecosystem to collaborate and partner with Universities and Startups to accelerate New Idea evaluation and incubation. Participate in hackathons, and crowd sourcing platforms effectively to progress on cyber 'definition of good'
+ Coach & develop next set of Cyber Researchers, Data Scientists, Leads, Pen-Testers, and Engineering teams
**YOU MUST HAVE:**
+ Overall 10+ years of experience, out of which 5+ years of experience in cyber security identifying security risks, identifying best practices, and developing solutions
+ Solid understanding of machine learning concepts and algorithms, including supervised and unsupervised learning, deep learning etc.
+ Working knowledge in LLM models like Gemini, Llama, GPT, DALL-E and frameworks like LangChain & Vector databases like Faiss, Pinecone etc.
+ Ability to articulate, document, and produce guides, instruction, and present cybersecurity AI methods and techniques
+ Risk management and cybersecurity certifications and or experience
**NICE TO HAVE:**
+ Proficiency in Python, R, SQL, and common AI/ML frameworks and tools such as TensorFlow, PyTorch, Scikit-learn, etc.
+ Experience in fine-tuning LLM using LoRA/QLoRA techniques.
+ Develop APIs and microservices to support Gen AI/ML applications.
+ Strong understanding of cloud platforms, particularly GCP, AWS, Azure, for deploying AI applications.
+ Demonstrated experience in scaling AI/ML projects using MLOps practices for model lifecycle management
+ Ability to analyze complex data sets, derive insights, and solve sophisticated problems with innovative solutions.
+ Strong communication and presentation skills, with the ability to explain complex AI/ML concepts and results to both technical and non-technical audiences.
+ Strong understanding of Business Process, IT Industry Standards
+ Track record of innovation and leadership in productizing AI research
Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments - powered by our Honeywell Forge software - that help make the world smarter, safer and more sustainable.
Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.

About Northern Trust: Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service. Role/ Department: This role will sit in the newly formed Cyber Governance, Risk and Compliance (GRC) team within Northern Trust's Technology function (1st Line of Defence), and will focus on the measurement, analysis, oversight and reporting of cybersecurity risks and controls. The Cyber Governance Lead will be a skilled and detail-oriented specialist within the Cyber Risk team, and will be responsible for working with cyber subject matter experts to maintain cyber control standards, facilitating cyber governance committees and working groups, and assisting with management reporting for committee include the Board of Directors. The ideal candidate will combine expertise in cybersecurity, risk management and governance disciplines, with exceptional communication skills and strong attention to detail. The key responsibilities of the role include: Facilitate governance committees and working groups to ensure effective communication and decision-making processes. This includes planning meeting agendas, collecting and reviewing presentation materials, and managing meeting logistics. Maintain detailed and accurate records of committees and working groups, including minutes, action items, challenges, and decisions. Work with cyber subject matter experts to facilitate ongoing maintenance of cyber control standards to ensure compliance with regulatory requirements and industry best practices. Assist in preparing cyber reporting for committees and boards, ensuring accuracy and timeliness of information. Drive automation, analytics, and continuous improvement of processes Engage with a range of senior stakeholders across Lines of Defense to ensure appropriate oversight and reporting of cybersecurity risks Collaborate with cross-functional teams on cyber risk assessment and remediation activities Skills/ Qualifications: Proven experience in cybersecurity, with a focus on governances including committees and/or policies and standards Knowledge of cyber risk management frameworks and methodologies Strategic thinker with a strong understanding of cyber threats, vulnerabilities, and risk mitigation options Innovative thinker and adaptable to change Exceptional communication and presentation skills, capable of translating technical risk into business terms Excellent analytical, problem-solving, and decision-making skills Relevant certifications such as CISSP, CISM, CRISC or similar Working with Us: As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater Reasonable accommodation Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at . We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater.

MCS Group is seeking a Cyber Security Governance and Reporting Lead to join their client, a thriving and well-established organisation with headquarters in Dublin. This position is a 12 month Fixed Term Contract into permanency as is standard in the organisation. With multiple projects in the pipeline and a growing team, this is a fantastic opportunity for an experienced Governance professional to join a successful team in a newly created position. This role is responsible for ensuring the effective implementation and reporting of cybersecurity policies, frameworks, and regulatory requirements. The individual will lead on cybersecurity reporting, embed governance across the organisation, and ensure compliance with internal policies and applicable legislation. The successful candidate will be afforded public sector benefits - increased holidays, fantastic pension and unmatched job security in an organisation which truly reflects work-life balance! This is a hybrid role with with city-centre offices. The Role Mature the current cybersecurity performance indicators (KPIs) and reporting structures to measure security effectiveness. Establish key cyber security performance indicators and reporting structures for vendors to measure their security effectiveness. Collaborate with internal and external stakeholders to ensure adherence to cybersecurity policies and compliance requirements. Draft and publish new cyber policies where needed. Conduct cybersecurity risk assessments to identify and mitigate security threats. Lead security audits and assessments both internal and externally with suppliers, ensuring gaps are identified and remediated. Develop, implement, and monitor cybersecurity controls to safeguard critical assets. Develop and present cybersecurity reports, dashboards, and metrics to senior management and key stakeholders. Ensure timely and accurate reporting on cybersecurity risk, incidents, and regulatory compliance. Support regulatory and board-level reporting requirements by providing cybersecurity insights and updates. Stay up to date with emerging cybersecurity threats, regulatory changes, and industry trends. The Person (Essentials) A Bachelor's or Master's degree in Risk Management, Cybersecurity, Business Information Systems, or a related field. Relevant certifications such as CISM, CISA, CISSP, or CRISC are advantageous. At least 5 years' experience in cybersecurity governance, risk management, and compliance within heavily regulated industries. Proven ability to consolidate and generate reports from multiple data sources. Strong understanding of cybersecurity regulations, frameworks, and industry best practices. Hands-on experience with security audits, risk assessments, and compliance reporting. You'll have the right to work in Ireland (EU Citizen/Stamp 4 Visa) Happy to work in a hybrid model and be on-site for meetings as required Salary Starting salary is €81,000 with a leading benefits package including pension and increased holidays. To speak in absolute confidence about this opportunity, please send an up-to-date CV via the link provided or contact Calum Omand, Specialist Recruitment Consultant, at MCS Group on . Even if this position is not right for you, we may have others that are. Please visit MCS Group to view a wide selection of our current and exclusive roles Skills: Governance infosec cyber reporting Benefits: Pension

Location: Dublin Full-Time | 12-Month Fixed-Term Department: Cybersecurity We are offering an excellent opportunity for an experienced Third Party Risk professional to take ownership of a mature, high-visibility program within a large and nationally critical organisation. In this 12-month role, youll lead all aspects of third-party cybersecurity risk across a complex vendor landscapedeveloping controls, building automated workflows, reviewing AI and OT/IoT supplier risks, and driving continuous improvement in how we assess, monitor, and respond to supplier threats. This is a hands-on lead role ideal for someone who thrives on ownership, influence, and deliveryand wants the chance to make a real impact across the organisation. Key Highlights: Autonomy & Impact Youll be the lead for third-party risk, driving change across procurement, legal, IT, architecture, and cyber. Complex, Interesting Environment Work on a diverse vendor portfolio including AI/ML, OT/IoT, and high-impact national infrastructure projects. Strong Internal Visibility Your work will directly support GRC leadership, cybersecurity strategy, and regulatory compliance at scale. Build Something That Lasts Shape workflows, assessments, and reporting systems that form a critical part of the organisations cyber maturity journey. What Youll Do: Lead third-party cyber risk assessments, onboarding, and due diligence for critical vendors Review and assess supplier security docs (SOC2, ISO 27001, NIST, PCI DSS, etc.) Develop streamlined onboarding workflows and interactive risk profiling tools Conduct technical architecture reviews and evaluate suppliers use of AI, OT, and IoT technologies Work with procurement, legal, and internal IT teams to integrate third-party risk into contracts and processes Review vulnerability and threat intelligence reports, manage risk registers, and escalate issues Provide risk reports and insights to senior stakeholders What You Bring: 3+ years in third-party risk, cybersecurity, IT risk, or vendor governance Strong grasp of risk frameworks and security standards (ISO 27001, NIST, GDPR, etc.) Excellent stakeholder engagement and documentation skills Relevant qualifications (e.g., CISSP, CISM, CRISC, CISA) preferred Strong analytical mindset with a delivery-focused approach Contract Terms: 12-Month Fixed-Term Contract Salary: €80,000 Full-time, hybrid working If you're looking for a role where you can make a significant impact quickly, with the autonomy to lead and shape a key cyber risk program, this could be a standout opportunity. Please note only candidates that match the minimum job requirements above will be contacted for this role. Benefits: Parking, Holidays

Description
Amazon is seeking a qualified Security Engineer to join our innovative, high energy Information Security team. In this role you will work within the Amazon Security Incident Response Team (SIRT). SIRT Security Engineers respond to security events, conduct analysis of threats such as malware and intrusion attempts, and provide security services to safeguard highly sensitive data. They work hands-on with detection systems and vulnerability analysis tools to respond to potential threats to Amazon systems. SIRT Security Engineers are unique individuals prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis. With your technical expertise, you will be solving security challenges at scale, working to protect the applications powering the most sophisticated e-commerce platform ever built. We value broad and deep technical knowledge, specifically in the fields of forensics, malware analysis, network security, application security, threat hunting, and threat intelligence.
Key job responsibilities
- Responding to security incidents, and coordinating a cohesive response involving multiple teams across Amazon.
- Providing security engineering solutions and support during customer-facing incidents, proactively considering the prevention of similar incidents from occurring in the future.
- Assisting in the development of pragmatic solutions that achieve business requirements while maintaining an acceptable level of risk.
- Identifying and recommending solutions that improve or expand Amazon's incident response capabilities.
- Working alongside and mentoring Information Security engineers to improve security, reduce and quickly address risk.
- Evaluating the impact of current security trends, advisories, publications, and academic research to Amazon, coordinating response as necessary across affected teams.
- Keeping your knowledge and skills current with the rapidly changing threat landscape.
- Participating in a follow-the-sun on-call rotation.
About the team
Why Amazon Security
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training and Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Basic Qualifications
- BS in Computer Science, Information Security, or equivalent professional experience
- 1-3 years of demonstrated experience in areas such as incident response, systems security, network security, and/or application security
- Proficiency in at least one programming language (e.g., Python, Go, PowerShell, Shell scripting, Perl, Ruby, Java, C++, C)
- Technical depth in two or more specialties including: digital forensics, malware analysis, network security, application security, security intelligence, and security operations
- Understanding of security vulnerabilities, attacker exploit techniques, and their remediation methodologies.
Preferred Qualifications
- Experience triaging and developing security alerts and response automation, conducting front-line analysis, and providing escalation support.
- 3+ years of information security experience.
- Relevant industry certifications from SANS, ISC2, etc.
- Strong demonstrated knowledge of Unix tools and architecture.
- Experience working as part of a Computer Security Incident Response Team (CSIRT)
- Familiarity/experience with AWS services and security concepts.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges.
In the Americas, SMBC Group has a presence in the US, Canada, Ireland, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization's extensive global network. The Group's operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd.
+ This is a hybrid role, requiring the successful candidate to attend our Tralee office.
**Role Description**
As a Cyber Incident Response Analyst, you will be a key part of a high performing SOC team, with a desire to continually improve and advance our capabilities to protect SMBC Group. You will bring your passion for Cybersecurity to a team of like-minded professionals and leverage this passion to ensure our monitoring and response capabilities are effective and efficient and that we keep pace with a rapidly changing threat landscape.
You will relish your core role in supporting the monitoring and response of cyber security alerts and incidents by digging into and investigating them to find the root cause and identifying the gap in controls that allowed a threat to reach that point in the kill chain. If you identify an incident, you will lead that technical analysis, tracking down the actions of that threat actor as part of the incident response, while supported by the wider Incident response process and members of the SOC and CSIRT teams. If you identify a false positive, you will drive the effort to tune or refine our detections, or to drive improvements to our preventative controls to prevent a recurrence, freeing more time for the SOC to focus on improving our skills and capabilities. With your knowledge and expertise, you will develop and hone the SOC through work-product review, mentoring, and ownership of projects to develop the technical capabilities of the SOC.
As part of a wider team of SOC analysts, you are able to focus on an area you are passionate about, or if sufficiently experienced, take the lead. You will develop deep expertise and expand our capabilities in domains ranging from across Purple Teaming, Threat hunting, Digital Forensics and Incident Response (DFIR), Security Automation, Detection Engineering and Threat Intelligence and share this knowledge to develop the depth of knowledge of the SOC. As part of a Financial Group with offices and data centers across the Globe, you will have access and exposure to leading technologies and tools. If there is a gap in our toolset, you can help us identify and bridge that gap by acting as Subject Matter Expert to do so. You will bring fresh ideas, challenge the status quo, and seek always to answer - how can we improve?
This role is best suited for candidates who enjoy and have experience within SOC or CSIRT teams and enjoy investigating and finding the root of an issue or incident and working on getting the most from leading edge security toolsets and platforms and processes. Candidates who excel will think critically to find ways to resolve security challenges. This role would suit an experienced and self-motivated cyber security professional with strong technical skills and knowledge combined with a passion for cyber security.
Note: Expectation is to be onsite once a month for this role.
**Role Objectives**
-Act as technical lead in the development and enhancement of capabilities such as Cyber Monitoring & Response/Purple Teaming/Threat Hunting/Digital Forensics/Incident Response
-Act as an escalation point for the analysis of security alerts or technical response to security events and incidents
-Review and guide the SOC personnel for well-written, complete, and thorough analysis
-Mentor and guide more junior SOC personnel sharing your knowledge and expertise.
-Develop and improve monitoring & response playbooks.
-Conduct proactive threat hunting and DFIR activities.
-Develop deep expertise in our monitoring systems and technology to act as an SME in working with our detection engineering and automation teams to enhance our abilities to prevent, detect & respond.
-Identify and test new adversary TTPs and our ability to detect and respond to them.
-Identify opportunities for efficiency, work hand in hand with Security Automation team to automate and improve our response processes.
-Assist in the implementation and ongoing support of security systems, acting as an SME for SOC related projects.
-Execute tasks or support projects to enhance team's capabilities.
-Assist in defining SOC requirements for information technology projects.
-Act as a role model and set the standard for technical analysis within the SOC.
-Providing strong mentorship and guidance to more junior SOC team members by acting and leading by example. Bring a positive outlook and seek to motivate and inspire your fellow team members.
-Demonstrate comprehensive understanding of cyber security best practices, risk vectors, mitigation techniques and protection software. Display knowledge of network security concepts and tools such as firewalls, proxy servers, email security and suspicious traffic flows. Exhibit analytical ability to lead incident response and mitigation efforts as well as identify key areas for improvement from post-incident analysis. Show ability to convey cyber security polices and concepts to employees and lead training efforts to ensure all employees follow recommended best practices relating to cyber security.
-Strong understanding of MITRE ATT&CK Cyber Kill Chain and similar frameworks.
-Strong knowledge of security controls related to the detection, analysis, and response (SIEM, EDR, NDR, XDR, UEBA).
-Strong knowledge of Windows and Linux systems, Active Directory, Cloud technologies.
**Qualifications and Skills**
-5+ years of experience in cyber security experience required, ideally in a SOC, DFIR, or CSIRT role.
-Strong verbal and written communication skills with experience in documenting their work to a high level.
-Professional Certifications an advantage but not essential if have requisite role knowledge, GCIH, GNFA, GFCA, Certified Ethical Hacker (CEH), OSCP, CISSP or similar certifications a plus.
-Must be self-directed with the ability to work independently.
-Ability to multi-task and remain productive in a service-driven and results oriented environment.
-Demonstrated strong organizational, analytical, and problem-solving skills.
**Additional Requirements**
SMBC's employees participate in a hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process.
SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at