Senior Incident Responder, Cyber Security
Location: UK, Dublin, Cluj
This role at a glance:
You will be responsible for incident response, threat hunting and data analysis to protect and maintain the overall Flutter Group security.
The role is also responsible for the measurement and reporting of divisional and cross-divisional security incident metrics.
You will maintain excellent relationships with external and internal stakeholders and develop partnerships with external experts and companies in the area of expertise.
Responsible for:
- Contribute to the creation of a robust cross-divisional incident management and investigation capability for Flutter Group to support the Flutter Technology defined outcomes.
- Help develop an aligned approach to respond to cross-divisional incidents (e.g. framework, process, runbooks, war room, etc.)
- Perform periodic threat hunting and cross-divisional exercises on incident response and recovery
- Monitor and improve the detection, treatment and containment processes for global applications and incidents that impact multiple divisions
- Protect Flutter Group systems and information by responding promptly to security threats and incidents; ability to act individually and as part of a team to resolve issues
- Analyze Flutter Group Functions and divisional cyber security incidents to solve issues and aid with improving incident handling procedures
- Contribute to developing forensic investigation and e-Discovery capabilities to support Divisions and Flutter Group Functions
- Give input on incidents to the cyber threat team and correlate in order to improve threat exposure
- Participate in development and implementation of incident containment procedures
- Perform periodic reports and check compliance
- Create reports and document all incidents and procedures, while periodically presenting the findings to the team
- Coordinate with several areas during a security incident – legal, management, operations etc.
- Perform identification, containment and eradication measures, while supporting recovery efforts
Competencies:
- Building Support: we establish close relationships with our stakeholders, underpinned by trust, integrity and respect. We are able to build awareness, understanding and positive momentum behind the Group technology strategy, often without being in a position to assert authority.
- Objective: we are impartial and unbiased, ensuring equal treatment for all and that decisions taken are based on objective criteria.
- Collaborative: we work effectively and in partnership with our stakeholders on shared goals that align towards the achievement of the Group technology strategy. We foster a collaborative environment and assume the role of leader when required.
- Adaptable: we understand and appreciate different and opposing perspectives on an issue and are able to adapt our approach in order to achieve a successful outcome.
- Strategic Thinking: we think about the big picture and use that perspective to support our Divisions to achieve competitive advantage through greater agility, faster time to market and a better customer experience.
- Strategic Communication: we are proactive and considered in our approach to stakeholder communications. We actively listen, provide constructive feedback and help others to consider new perspectives.
Key requirements:
- A solid background in cyber security with extensive expertise in incident management
- Extensive experience of internal and external stakeholder management
- Strong report writing and communication skills
- Solid teamwork skills - the ability to collaborate with others who are conducting research in the same, similar or different areas to the one being investigated
- Familiar with related publications such as: NIST 800-61 (incident handling)
- Good understanding of computer intrusion activities, incident response techniques, tools, and procedures
- Experience with SIEM architecture, and knowledge of Splunk, Elastic Stack or industry equivalent technology
- Working knowledge of the Cyber Kill Chain and Incident Response Phases
- Good understanding of the industry's commonly accepted attacker tools and strategies
- Relevant certifications are an advantage: CHIH, GCTI, CISSP, CRISC, CRESC