Job Reference: 314859
Time Type: Full time
Worker Type: Employee
Incident Response Specialist
Reporting to our Regional Team Leads, the Security Incident Responder will be a key member of our rapidly growing Global Security Operations team.
This is an exciting hands-on technical role in which the specialist will use their security skills and knowledge to perform advanced analysis on the collection of cyber threats using high-level proactive and reactive threat hunting methods, classifying, analysing, prioritising and remediating security alerts/events.
The focus is to provide effective, proactive and a highly technical analytical response to cyber security-related incidents to prevent QBE from becoming compromised by modern attack methods and techniques.
Your responsibilities for this role may include, but are not limited to:
- Translates business objectives into security objectives by providing support in design/architecture for new security applications to improve the current security posture globally for QBE.
- Contributes to, monitors and advises on the planned developments and changes in order to ensure relevancy, compliance and optimal delivery.
- Recommends and implements initiatives, develops IR processes and procedures.
- Contribute to the ongoing development of security operations “best practice” and support continuous improvement.
- Provide guidance regarding security technical support, and influence peers in following best practice.
- Manage business continuity plan, and information back-up procedures, to ensure minimal disruption in the event of Cyber Attack.
- Implement security initiatives aimed at improving the existing infrastructure.
- Review new security products and ascertain their suitability for the QBE environment.
- Execute threat hunting activities using various proprietary and open source tools to identify current and emerging threats that pose a risk to QBE.
- Perform advanced analysis on collection of cyber threats using high-level proactive and reactive threat hunting methods.
- Build strong relationships with internal and external stakeholders to maintain and improve QBE security and enhance knowledge and information sharing.
- Actively communicate with staff and third parties to correctly identify and resolve problems and manage their expectations.
- Document incidents, requests and problem management information to ensure required compliance standards/SLAs are achieved.
- Use security tools and resources to correlate suspicious events, providing context around the event, determine root cause and provide regular updates and recommend modifications to existing systems and procedures.
- Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs
- Actively manage and apply the phases of Incident Response (preparation, identification, containment, eradication, recovery and lessons learned)
- Execute vulnerability and web application assessments; provide analysis and recommendations to mitigate potential threats.
- Makes moderately autonomous operational decisions on threats to QBE’s systems, assets and business operations and provide recommendations for mitigating controls and/or remediation.
- Act as a point of reference to guide and advise others to ensure the sharing of knowledge and best practice throughout the team.
You will need to be able to display you have the following qualifications and experience:
- Working knowledge of Microsoft security products such as Defender, Sentinel and KQL.
- Advanced technical expertise of security solutions and technologies, including: Windows, Linux, Networking, Security Architecture experience and knowledge of packet flow/TCP/UDP traffic, Firewall and proxy technologies, cloud solutions, anti-virus, static and dynamic malware analysis techniques.
- Expert in performing analytics with different types of logs, i.e. network, active directory, database, DNS, firewall, proxies, host-based security, cloud and applications logs etc.
- Working experience in leading security incidents at all levels related to incident response
- Working experience in managing 2nd/3rd level security events
- Ability to manage relationships with global security operations colleagues and other departments, including network teams and incident managers.
- Demonstrated ability to make decisions on remediation and counter measures
- Be able to communicate effectively and update senior stakeholders globally
- Security certifications in any of the following: SANS (GCIH, GCIA, GPEN, GREM), ISC2 (CISSP, CCSP), ISACA, CEH, CREST, OSCP or equivalent
- Advanced understanding of tools, techniques and procedures that modern attackers use to compromise organisations.
- Demonstrable understanding of various security frameworks and methodologies such as OWASP 10, SANS TOP 25, NIST Incident Reponses, CERT Model, Diamond Model, MITRE ATT&CK, and the Extended Cyber Kill Chain.
We understand that one size doesn’t fit all and that priorities can change depending on your life stage. That is why our blend of wellbeing initiatives and benefits offer flexibility to suit what matters most to you. It’s in the culture of our business, our QBE DNA, to support our people. Everything we do is underpinned by our QBE DNA - because we know it’s not just what we do that matters, it’s how we do it that makes the difference. In addition to this, we also offer flexible parental leave for both parents and have several employee network groups that support and empower our diverse workforce.
At QBE, we view our people as our most precious asset. We understand the importance of fostering a work environment that is responsive to the changing needs of today's workforce. QBE aims to build a workplace that is fair and inclusive because we want to attract and retain the best people to do the job, we have adopted flexible working across the company and welcome this conversation (https://qbeeurope.com/careers/flex-qbe/).
Some of the award’s QBE are proud to have won, been a finalist for, and shortlisted for include;
5-star Diversity, Equity and inclusion (DEI) awards, 2023 Winner - Insurance Business Canada
Employer of the Year 2022 Winner – Insurance Insider
British Claims Awards 2022 Winner - InsurTech Award
Insurance Times Claims Excellence Awards 2022 Winner - Claims Product Solution of the Year
Working Families Best Practice Awards 2021 Finalist for: Best COVID-19 Response
Insurance Post British Insurance Awards 2022 Shortlisted for: Best Customer Care, Diversity & Inclusion Initiative of the Year 2022, Specialist Insurer of the Year (for Construction), General Insurer of the Year
We are proud to have partnerships with organisations such as Stonewall and Working Families, and our commitment to the Women in Finance Charter, the UN Women’s Empowerment Principles and Race at Work charter helps keep us accountable and transparent
Inclusion of Diversity
We are striving to create a workplace culture where all our people feel included, and we are committed to building a diverse workforce that is reflective of the communities we operate in.
We know that diversity of thought, background and experience enables better decision making, improves the quality of our delivery and helps us to meet the needs of our customers.
ESG & Sustainability
At QBE, we believe that integrating sustainability into our business helps us deliver on our purpose of enabling a more resilient future. Our three key focus areas include fostering an orderly and inclusive transition to a net-zero economy, enabling a sustainable and resilient workforce and partnering for growth through innovative, sustainable and impactful solutions. For further information regarding QBE’s sustainability targets, including our net-zero pledges and inclusion of diversity targets, and our award-winning impact investment initiative ‘Premiums4Good’, please visit our Sustainability homepage and read our latest Sustainability Report (Link).
We can never really predict what’s around the corner, but at QBE we’re asking the right questions to enable a more resilient future – helping those around us build strength and embrace change to their advantage.
We’re an international insurer that’s building momentum towards realising our vision of becoming the most consistent and innovative risk partner.
And our people will be at the centre of our success. We’re proud to work together, and encourage each other enable resilience for our customers, our environment, our economies and our communities.
With more than more than 11,000 people working across 27 countries, we’re big enough to make a real impact, but small enough to provide a friendly workplace, where people are down-to-earth, passionate and kind.
We believe this is our moment – what if it was yours too?
Your career at QBE — let’s make it happen!
To find out more about why you should work for QBE, visit our careers website.
If you have a passion to contribute to QBE’s vision of enabling a more resilient future for our customers and the community, we encourage you to apply! Simply click the “apply” button to submit your CV and other relevant documents, and a member of our friendly Talent Acquisition team will be in contact to discuss your interest further if you meet the requirements of the role.
Please make the Talent Acquisition aware should there be any reasonable adjustments that may need to be made for the interview and the remainder of the recruitment process.
APPLY NOW and let’s make it happen!
How to Apply:
To submit your application, click "Apply" and follow the step by step process.
Equal Employment Opportunity:
QBE is an equal opportunity employer and is required to comply with equal employment opportunity legislation in each jurisdiction it operates.