Senior Offensive Security Liaison Analyst
Senior Offensive Security Liaison Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
As part of the Centre for ThreatInformed Offence you will lead liaison security operations supporting Breach & Attack Simulation (BAS) and Red Team activities. Acting as the bridge between Offensive Security and the business you will coordinate monitor and communicate Red Team operations ensuring alignment with realworld threats. Your role includes validating attack simulations enhancing security visibility and refining detection capabilities with Cyber Defence and MDR. With strong technical expertise and communication skills you will translate findings into actionable insights to strengthen security posture. This is a remote working role with flexibility to operate from any of our office locations as required.
The Role:
- Handson experience in Cyber Defence Threat Hunting or Incident Response with exposure to Red Team or BAS operations.
- Validate and analyse Red Team and BAS findings ensuring accurate reporting of offensive security activities and their impact on the business.
- Ensure timely correlation and investigation of Red Team activities to assess detection efficacy and minimize risk exposure.
- Safely acquire and preserve forensic evidence related to offensive security exercises assessing detection gaps attack paths and security control effectiveness.
- Strong sysadmin skills (Linux/Windows) and proficiency in scripting/programming (PowerShell Python) to automate detection and analysis tasks.
- Identify and analyse emerging attack techniques based on internal testing threat intelligence and Red Team assessments.
- Collaborate with IT and Cyber Defence teams to ensure Red Teamgenerated alerts and findings are triaged actioned and integrated into detection engineering efforts.
- Correlate offensive security test data with defensive gaps to develop strategic mitigation plans and enhance security controls.
- Routinely update and refine Red Team detection playbooks ensuring response activities align with threatinformed defence principles and provide comprehensive threat mitigation.
Communications and Relationships:
Internal:
- With the CISO IT Security Directors and security team; Information Security Programme Manager and project managers Risk & Compliance Legal Audit IT Procurement and other support functions as well as operational management and clientfacing teams.
External:
Customers and suppliers
Qualifications
The Requirements:
Qualifications:
- Qualified to degree level preferably in a business IT or security related subject.
- Hold and maintain appropriate Information Security professional qualifications such as CISSP or CISM technical security and technology such as CompTIA Network Security OSCP CEH or GIAC.
- The role holder will be able to demonstrate a commitment to security and strong environmental awareness through continued professional development and learning.
- Solid understanding of SIEM technologies.
- Scripting and programming skills with proficiency in one or more of the following; PowerShell Pearl Python.
- A solid understanding of networking technologies enterprise wide technologies including database operating system web application middleware etc.
- Proven ability to work in global collaborative group environment
- Experience working with a high degree of autonomy managing own workload and delivering to tight timescales
- Strong communication skills both oral and written.
- Team player with good interpersonal skills.
- Ability to communicate technical concepts to nontechnical disciplines
- Proven experience working with a Security Incident and Event Management solution as an analyst.
- Calm organised and methodical
- Excellent analytical problemsolving skills
- Agile and responsive approach to meeting business security and technology objectives and delivering continuous improvement.
- Determine technical/operational impact root cause(s) scope and nature of the incident to mitigate risk and provide advice on remediation or recommendations
- Comprehensive understanding of security threats risks and countermeasures and ability to apply in a practical context at all stages of the chain
- SIEM investigations.
- Handson operational security experience including use of Excel SQL DBMS and opensource tools as well as shell scripting and programming languages to validate data sets produced in response to security incidents
- Technical understanding including TVM DLP APT SIEM perimeter security content filtering packet flows IPS/IDS etc
- Indepth understanding of currently supported versions of Microsoft Windows Server and Active Directory as well as products such as SCCM and SCOM
- Thorough understanding of technical security countermeasures and awareness of external and internal threat landscape
- Knowledge of security standards frameworks regulation and legislation
- Thorough understanding of network protocols data on the wire covert channels ciphers and shell scripting.
Equal Opportunity Employer
At WTW we believe difference makes us stronger. We want our workforce to reflect the different and varied markets we operate in and to build a culture of inclusivity that makes colleagues feel welcome valued and empowered to bring their whole selves to work every day. We are an equal opportunity employer committed to fostering an inclusive work environment throughout our organization. We embrace all types of diversity.
At WTW we trust you to know your work and the people tools and environment you need to be successful. The majority of our colleagues work in a hybrid style with a mix of remote inperson and inoffice interactions dependent on the needs of the team role and clients. Our flexibility is rooted in trust and hybrid is not a onesizefitsall solution.
Were committed to equal employment opportunity and provide application interview and workplace adjustments and accommodations to all applicants. If you foresee any barriers from the application process through to joining WTW please email
Required Experience:
Senior IC
Employment Type
Full-Time
