
Cybersecurity Forensic Analyst


Date: 07-Apr-2021

Location: Hazelwood, DER, GB, DE56 4AN

Company: Lubrizol Corporation

Lubrizol, a Berkshire Hathaway company, is a market-driven global company that combines complex, specialty chemicals to optimise the quality, performance and value of customers’ products while reducing their environmental impact.   Lubrizol produces and supplies technologies to customers in the global transportation, industrial and consumer markets.  These technologies include lubricant additives for engine oils, driveline and other transportation-related fluids, industrial lubricants, and additives for gasoline and diesel fuel.  In addition, Lubrizol makes ingredients and additives for home care and personal care products and pharmaceuticals, and specialty materials, including plastics technology and performance coatings in the form of resins and additives.


Cybersecurity Forensic Analyst 

Competitive Salary and Excellent Benefits 



The Security Operations Centre at Lubrizol is looking to recruit a Cybersecurity Forensic Analyst to join the team.

This is a senior-level technical analyst role, relied upon to conduct extensive system forensics as part of both cybersecurity incident response and insider threat investigations.

If you have experience developing strategies to combat cyber-attacks and leading incident response teams, apply today!


In this role you will:

  • Serve as a subject matter expert within an incident response team, conducting forensic examinations of systems to deconstruct cybersecurity attacks. In doing so, define and lead iterative analysis processes so that the incident response team can manage and accomplish effective containment, mitigation and recovery, and so that initial attack vectors, tactics and tools used, scope of attack, and extent of compromise are determined to the degree possible.
  • Develop expertise in Lubrizol’s security tools to conduct internal investigations brought forward and approved by the business.
  • Communicate findings, assumptions and theories effectively to assist in the incident response process.
  • Serve as an escalation resource and mentor for SOC analysts for advanced analysis.
  • Conduct data/evidence gathering, documentation and handler activities during incidents and investigations ensuring sound forensic practices.
  • Document the critical tools and sources of information necessary for investigations and incident response efforts, monitor to ensure they are operating as intended, and notify appropriate parties when problems are identified.
  • Conduct threat hunting activities through proactive analysis of log, network and system data including system image analysis to identify threats and ensure mitigation measures are effective.
  • Provide sound technical recommendations that help enable remediation of security issues.
  • Identify and incorporate applicable indicators of compromise (IOCs) and cybersecurity threat intelligence to aid in the investigation and mitigation of cybersecurity attacks.
  • Support IT administrators and cybersecurity personnel to ensure successful incident response practices and business system recovery.
  • Provide recommendations for improvements to internal SOC processes and procedures based on experience and operational insight.
  • Work with IS to identify and implement best practices for IT security.
  • Understand and evaluate cybersecurity trends and risks.
  • Perform or participate in penetration testing.
  • As part of a global information security team, provide insight and recommendations to leadership.
  • Stay up to date on information technology trends and security standards.
  • Provide cybersecurity insights and act as an information security advocate to the business.
  • Other information security activities as needed. 


To be successful you will:


  • Be able to demonstrate effectiveness in working independently, establishing priorities and completing tasks within deadlines that are responsive to the urgency of incident response requirements.
  • Be able to communicate effectively through writing, speaking, and presenting to fellow team members.
  • Be a team player capable of supporting fellow teammates.
  • Possess expert knowledge in network traffic analysis, threat detection, and advanced threat tactics, techniques and procedures (TTPs).
  • Have expert experience in cybersecurity event analysis, intrusion detection, security operations, and forensic analysis tools and processes.
  • Have strong interpersonal skills.
  • Hold strong IT process discipline.
  • Have sound decision-making, proactive/creative problem-solving and strategic thinking skills.
  • Be able to interact across geographical regions and the broader organization.
  • Be responsive to internal stakeholders.


You will:

  • Have a Computer Science or related 4-year degree
  • Be able to demonstrate 3+ years of experience in forensic analysis, cyber threat intelligence and/or offensive security practices, or other similar role
  • Have experience creating advanced and detailed queries, such as regular expressions, for log, event and correlation analysis.
  • Have experience with Security Information and Event Management (SIEM) systems, including analysis and incident workflow development processes.
  • Hold experience with a broad array of cybersecurity tools and technologies with the ability to navigate management consoles to extract necessary investigative information as well as to assist in the configuration to enable detection and prevention as part of the response process.
  • Possess a broad knowledge and experience with varieties of network and security architecture principles, firewall and IDS/IPS fundamentals, endpoint security systems and other security protective/detective systems.
  • Have knowledge of cloud technologies and email systems necessary to conduct analysis of cybersecurity attacks in a variety of environments and platforms.
  • Hold experience with the identification and analysis of vulnerabilities and attacker exploit techniques.
  • Have experience training and mentoring others on advanced technical topics such as log and traffic analysis and intrusion detection.
  • Have experience with quickly learning and understanding complex environments, independently reaching stretch goals, and continually improving knowledge and capabilities.
  • Have experience taking on complex and difficult problems, formulating a path forward, and executing steps that demonstrate meaningful progress.
  • Have strong interpersonal networking skills.
  • Have knowledge and experience with security access administration systems and processes.
  • Have knowledge and experience with a wide variety of technologies from network, servers, endpoints, IoT, etc.


We offer a comprehensive benefits package including discretionary annual bonus, competitive pension scheme, 25 days annual leave + bank holidays, and private medical cover.

Lubrizol will support you to develop your own skills and progress as part of a global organisation.

Together, we are Lubrizol: Where science excels, and people make a difference


It’s an exciting time to be part of Lubrizol.  Lubrizol is not staying put. We are continually learning and evolving.  Our passion delivers our success — not only for Lubrizol but for those who count on us every day: our employees, customers and communities.  We are talented people working together to solve problems and improve lives through science. We are making a difference, and we will never stop pushing to do it better.


Lubrizol is an equal opportunities employer and welcomes applications from a diverse range of applicants. All applicants will be considered entirely based on their relevant merits and abilities.




The European marketing and technical centre Lubrizol Hazelwood supports an extensive range of clients and Original Equipment Manufacturers across the globe. 

The Hazelwood site is located in a rural setting around 8 miles from Derby City centre.  With a vibrant and constantly growing list of things to do and see, the city offers something to suit all tastes.  Be it lively nights out, a thriving live music scene (Derby recently won the title of ‘the city of festivals!’), an abundance of shops and restaurants, or getting involved in sports at the Ipro Arena or the newly opened Velodrome, the choice is endless.  If you prefer more peaceful surroundings, the beautiful Peak District is right on the doorstep, offering amazing scenery, idyllic country pubs, and fantastic opportunities for outdoor pursuit enthusiasts.

You will find that Lubrizol offer a wealth of career and development opportunities.  We employ the very best talent and strive to offer our employees the opportunity to grow and learn.

There is something for everyone who lives and works here.

To learn and see what it is like to work here at Lubrizol Hazelwood, please view our video.

For further information, please visit: www.visitderby.com, www.visitpeakdistrict.com


