Cyber Security Incident Response Specialist

Summary about this job

Detail information about job Cyber Security Incident Response Specialist. Terms and conditions vacancy

We’re looking for a dynamic and motivated candidate with strong experience in CIR and ideally a background in SOC analyst roles or penetration testing and red teaming.

Responsibilities

• Acting as the escalation point and incident manager for cyber security incidents identified through the level 1 and 2 analyst teams or raised directly by a client.
• Analysing a specific incident from its detection through to developing a containment strategy and executing subsequent remediation plans.
• Providing crisis management guidance while onsite with the client directing incident investigation and containment activities.
• Communicating with the appropriate internal IT and security staff responsible for implementing the appropriate corrective actions.
• Producing detailed written reports outlining the circumstances around the event and add further input into lessons identified.
• Mentoring and support for level 1 and 2 team members.

Requirements

• Experience leading cyber incident response engagements (either in-house or as a consultant).
• An ability to provide technical analysis and direction for investigations.
• An understanding of networking protocols and infrastructure designs; including, firewall functionality, routing, encryption, host and network intrusion detection systems, load balancing, and other network protocols.
• An understanding of the current threat landscape, response, and mitigation strategies used in cyber security.
• An understanding of attacker tactics, techniques and procedures and the cyber kill chain.
• Investigative and analytical problem solving skills.
• Experience in utilising tools such as but not limited to memory/registry analysers, debuggers, anomaly detectors, file analysers, network protocol analysers etc.
• Be able to complete post mortem analysis of network logs, traffic flows and other activities to identify malicious activity on a network.
• Ideally you should also have an ability to analyse and reverse engineer various file types including providing dynamic and static analysis of malware artefacts and binaries as well as other malicious attack files.
• A high level understanding of data protection legislations such as GDPR and the OAIC Notifiable Data Breach (NDB) scheme.
• Penetration testing and red teaming skills highly desirable.
• Inherent passion for information security and service excellence.
• An individual willing to taking on new challenges, gain new skills and work collaboratively in a rapidly growing dynamic and high energy team.
• Ability to travel.

If this sounds like you, please apply below.