GSOC Threat Detection Team Lead

1 week ago


Cyberjaya, Malaysia Experian Full time


Employee Status: Regular

Role Type: Hybrid

Department: Information Technology & Systems

Schedule: Full Time

**Company Description**:
**Discover the Unexpected**

Experian is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower consumers and our clients to manage their data with confidence. We help individuals to take financial control and access financial services, businesses to make smarter decisions and thrive, lenders to lend more responsibly, and organisations to prevent identity fraud and crime.

We have 21,700 people operating across 30 countries and every day we’re investing in new technologies, talented people, and innovation to help all our clients maximise every opportunity. With corporate headquarters in Dublin, Ireland, we are listed on the London Stock Exchange (EXPN) and are a constituent of the FTSE 100 Index.

**Job Description**:
**Description**

The _Threat Detection Lead Analyst_ is an essential part of Experian’s Global Security Operation Center (GSOC) who performs in-depth analysis and further triage of security threats, proposes remediation actions, and takes part in the creation and steady improvement of correlation rules, processes, procedures, and other department-related documentation. The _Threat Detection Lead Analyst_ is a leader within the organization, executing on strategic items that promote a strong information security posture. Below is the list of main tasks:

- Investigate incidents using SIEM technology, packet captures, reports, data visualization, and pattern analysis.
- Analyze, escalate, and assist in remediation of critical information security incidents.
- Improve and challenge existing processes and procedures in a very agile and fast-moving information security environment.
- Collaborate with external teams for incident resolution and escalations, ensuring questions and concerns from Experian users are answered in a timely manner.
- Provide support and leadership to the tier one analysts, including feedback on quality of work, driving case quality.
- Expert knowledge of:
  - Information security policies and goals
  - Log analysis and event traffic patterns
  - The current IT threat landscape and upcoming trends in security

**Qualifications**:
**Required Experience**: 5+ years’ experience in the following areas:

Demonstrates advanced technical skills and hands-on knowledge, such as:

- In-depth packet analysis skills, core forensic familiarity, incident response skills, public cloud security practices, and data fusion skills based on multiple security data sources
- Security analysis and architecture of Azure and AWS cloud environment using security tools including Defender for Cloud, GuardDuty, CloudTrail, or CloudWatch.
- System administration on Unix, Linux, or Windows
- Network forensics, logging, and event management
- Defensive network infrastructure (operations or engineering)
- Vulnerability assessment and penetration testing concepts
- Malware analysis concepts, techniques, and reverse engineering
- In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners) and continuous improvement of these skills
- Security monitoring technologies, such as SIEM, IPS/IDS, UEBA, DLP, among others.
- Scripting and automation

Demonstrates behavioral skills, such as:

- Ability to work in a team environment, able to train and coach other team members
- Excellent verbal and written communications skills and ability to produce clear and thorough security incident reports and briefings.
- Strong logical thinking abilities, especially analyzing security events.
- Excellent analytical and problem-solving abilities
- Excellent organizational skills and attention to detail in tracking activities within various Security Operation workflows.
- Well-established client-focused communication skills, including the ability to read, review, investigate, and summarize reports on complex issues in a manner that can be understood by non-technical


