More than you expected

Grant Thornton UK LLP is part of a global network of independent audit, tax and advisory firms, made up of some 58,000 people in over 135 countries. We're a team of independent thinkers who put quality, inclusion and integrity first. All around the world we bring a different experience to our clients. A better experience. One that delivers the expertise they need in a way that goes beyond. Personal, proactive, and agile. That's Grant Thornton.

Job Description:

NEW GROUND WON’T BREAK ITSELF.

Every day our teams help people in businesses and communities to do what is right and achieve their goals.

The Grant Thornton Cyber Defence Centre are an established MSSP at the forefront of Cyber solutions, working with industry leading technologies. We offer a path for progression and invest in our workforce. Initiative is encouraged and support is always available across the team and wider group. We work collaboratively and cross functionally, boasting a healthy ethos whereby we aim to promote the best version of ourselves and you.

Working from within the SIRT team, the successfully candidate will be working closely with other members of the team carrying out duties such as EDR alert investigation, Threat Hunting across client digital networks and general network security investigations. 

Working within this role, the SIRT Assistant Manager’s position with require the qualities of both an analyst and manager as during times when the department leads are unavailable the manager will deputise and provide support and guidance to the SOC, Incident Response teams and clients.

We’re happy to talk flexible working and consider reduced hours and job shares, we’ll support you to balance your work and life.

A look into the role

As a SIRT Assistant Manager within our Cyber Defence Centre, you will:

• Act as a point of contact for assistance to SOC members who are investigating more complex EDR alerts and require assistance and direction
• To conduct and manage Threat Hunting by both SIRT and SOC members thought out the multiple environments that are managed by GTUK
• Upon deployment by IR teams, conduct real-time searches for threats and remediate as directed by personnel deployed and IR leads
• Use ‘live Ops’ to search for targeted data or threats using both built in searches and formulate custom queries using OS query language
• When required to do so, compile and manage groups of machines into policies that dictate how they behave based on observed Tactics, Techniques and procedures
• Remain up to date with current and emerging threats that could damage GTUK clients

Knowing you’re right for us

Joining us as a SIRT Assistant Manager, the minimum criteria you’ll need is a professional qualification such as GCFA, GCIH, GNFA or equivalent with post qualification experience, and to be confident managing a large portfolio of clients.  The successful applicant experience in a similar role.  It would be great if you had some of the following skills, but don’t worry if you don’t tick every box, we’ll help you develop along the way.

• Security qualifications are essential and 2.1 degree (or above) in Cyber security, computer science or similar would be preferable.
• Knowledge and experience of computer networks, operating systems, software, hardware and security
• An understanding of Cyber security risks associated with various technologies and ways to manage them
• The ability to analyse and solve problems related to identified threats, patterns and trends
• Experience working with EDR tools such as Carbon Black and Crowdstrike
• Knowledge of cyber threats, malware analyse and attacker techniques
• Be able to utilise your knowledge of the MITRE ATT&CK framework whilst investigating incidents
• Understanding Threat hunting theory and the different types of hunts
• Practiced in writing and delivering technical reports that can be presented to clients and other agencies should the need arise
• Build strong advisory relationships with customers and continuously exceeding client expectations
• Guide incident response teams through Threat Response findings and providing subject matter expertise for response activities
• Experience at using Structured Query Language (SQL)
• Having had previous experience of handling an Incident response investigation

Knowing we’re right for you

Embracing uniqueness, the culture at Grant Thornton thrives on the contributions of all our people, we never settle for what is easy, we look beyond to deliver the right thing, for everyone.  Building an inclusive culture, where we value difference and respect our colleagues helps our people to perform at the best of their ability and realise their potential.

Our open and accessible culture means you’ll interact with leaders who are interested in you and everything you bring to our firm. The things that set you apart, we value them. That’s why we give you the freedom to bring your whole self to work and pursue your passions inside and outside of work.

Beyond the job 

Life is more than work. The things you do, and the people you’re with outside of work matter, that’s why we’re happy to look at flexible working options for all our roles, and we’ll always do our best to keep your work and life in balance.

The impact you can make here will go far beyond your day job. From secondments, to fundraising for local charities, or investing in entrepreneurs in the developing world, you’ll be giving back to society. It’s that drive to do the right thing that runs through our every move, grounded in our CLEARR values – Collaboration, Leadership, Excellence, Agility, Respect and Responsibility.

We’re looking for people who want to contribute, spark fresh ideas and go beyond expectations. People who want to be able to proudly do what’s right, for the firm, our clients, our people and themselves. It’s how it should be.

#LI-ME1