Are you interested in joining a Global brand that empowers you to be the best you can be? Wouldn't it be great to have the flexibility that allows you to do your job the way you want in a way that suits your style? Career progression and opportunities are a key factor when working for this forward thinking Organisation.
The Cyber Incident Response specialist is responsible for performing Incident Response activities and cybercrime investigations. They will be responsible for the delivery of services relating to cyber-attacks and data breach investigations; including complex and at times sensitive work streams. They will also be responsible for aspects of internal corporate security investigations, e-Discovery and network investigations. There will be the need to generate reports to satisfy the requirement of senior stakeholders, technical specialists and regulatory bodies.
You be required to support the Cyber Incident Management team and wider Cyber Defence should cyber-attacks occur. This is a hands-on technical role and the role holder will be required to assist the IM function, with rapid triage and assessment of attacks, providing technical findings in a clear and understandable manner. They will be expected to operate in an agile and effective manner conducting root cause analysis of cyber incidents and demonstrating a strong understanding of Incident Response principles and techniques.
Key accountabilities and decision ownership:
Incident Response Investigation - Forensic, technical, root cause analysis and incident response
Work extensively with all our (internal) Customers being part of a global cyber security team to counter cyber-attacks
Coordinate work with security vendors in the development and improvement of security platforms and services for monitoring and analysis.
Contribute to the development of an intelligence-led framework to protect against risk including advanced malware and attacks.
Core competencies, knowledge and experience:
Ability to work efficiently as part of a team.
Strong communication and stakeholder management skills, including reporting.
Experience in the technical investigation of cyber-attacks.
Practical experience of leading the technical response to sensitive cyber forensic investigations.
Experience in the forensic investigation of Windows, Linux, Unix, macOS operating systems.
Experience in the use of forensic and enterprise level toolsets including EDR and eDiscovery.
Experience in the security of enterprise level architecture and networks.
Knowledge of information security management, penetration testing and vulnerability management.
Experience of working with a SOC environment
Experience of working at pace within a complex operational environment.
Knowledge of Malware examination and scripting.
Experience in the identification of IoCs and creation of signatures to identify the same using Yara or OpenIOC.
Knowledge of applicable legislation, including GDPR.
Must have technical / professional qualifications:
Preferred, Incident Response or Forensic certification from GIAC or similar.
Preferred, Batchelor's or Master's Degree in Information Security or Forensic computing or relevant experience.
Ideally, professional experience in the use of EDR tool sets.
Ideally, some professional experience providing eDiscovery services; practical experience of all phases of the EDRM.