Log In Sign Up

Cyber Threat Incident Response Investigator

Premium Job From Experis IT

Recruiter

Experis IT

Listed on

25th April 2018

Location

England

Salary/Rate

£50000 - £65000

Type

Permanent

This job has now expired please search on the home page to find live IT Jobs.

Cyber Threat Intelligence - Incident Response Investigator

Experis is working with a market leader in Cybersecurity, looking for an experienced Cyber Threat and IT Security professional to join the Cyber Threat Intelligence team.

Your role will be a comprehensive overview of the incident response investigatory process, and you will have oversight from kick-off through remediation to completion. Moreover, you'll be expected to Build scripts and playbooks to enhance the overall incident investigation process, and research new and emerging attack mechanisms deployed my malicious threat actors

You'll be expected to represent your investigative findings and effectively communicate them to stakeholders. Mentoring, developing and coaching of more junior members of staff in Incident Response will also be part of your responsibilities.

Essential Skills/Experience

* Knowledge of at least one Incident Response framework, and associated stages (NIST, CREST etc)

* Experience leading investigations and managing incident analysts

* 5+ years of advanced security, digital and network forensics experience

* Ability to conduct host forensics, network, forensics, log analysis, and malware triage in support of incident response investigations

* Recognise and codify attacker techniques, tactics, and procedures with a view to creating indicators of compromise (IOCs) that can be applied to current and future investigations

* Knowledge of appropriate Incident Response tools to aid in analysis, recording and reporting

* Extensive experience in five or more of the following areas (and their associated tools) preferably with a recognised qualification:

* Windows disk and memory forensics

* Network Security Monitoring (NSM), network traffic analysis, and log analysis

* Unix or Linux disk and memory forensics

* Dynamic malware analysis including knowledge of malware behaviour and techniques employed by attackers to evade existing security controls

* Reverse Engineering and Static Analysis

* Applied knowledge in at least one scripting or development language (such as Python)

* Thorough understanding of enterprise security controls in Active Directory / Windows environments

* Experience with hands-on penetration testing against Windows, Unix, or web application targets

Desirable Skills

* Knowledge of full chain of custody procedures for Incident Response, including relevant hardware and software for system imaging

* Possess one or more of the following certifications: GREM, GCFA, GCFE, CISA or CISSP (Required or desired?)

* Expert understanding of multiple security technologies, particularly in the threat intelligence and analytics area with relevant and appropriate certifications. GIAC preferable (Required or desired?)

* Knowledge of application and infrastructure components and how they relate to the Cyber Kill Chain

* Good understanding of Assembly language

Personal Profile

We are looking for passionate individuals who are committed to their professional development in this industry. My client wants to know your insight into current cybersecurity threats and trends, and will immerse you in the security industry and community as a part of this position.

Are you the person we're looking for?

Interviews are taking place immediately, send a CV ASAP to or to find out more call 01619 243912

United Kingdom, UK

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below:

Google Chrome
Google Chrome
 Opera
Opera
 Mozilla Firefox
Mozilla Firefox