This job posting is no longer available
About
Learn more about the general tasks related to this opportunity below, as well as required skills.
Our Security Practice is one of the fastest growing areas of the business with significant growth plans through additional recruitment and acquisitions. Our Cyber Investigation and Forensic Response (CIFR) practice is rapidly growing, and we are hiring mid to very senior level incident response and threat hunting professionals to work with our F500 enterprise customers. With our recent acquisitions we continue to enhance our incident response, threat hunting, forensics, threat intelligence, and red teaming capabilities.
You need to have your own car for this role
Role Responsibilities
Manage and support end-to-end incident response investigations with our customers
Identify and investigate intrusions to determine the cause and extent of the breach, by leveraging EDR, SIEM, and threat intelligence sources
Conduct host forensics, log analysis, network forensics, and malware analysis in support of incident response investigations
Conduct Threat Hunting across customers' environments with indicators of compromise, hunting for evidence of suspicious behaviour
Conduct incident response within various Cloud platforms
Identify attacker tools, tactics, and procedures to develop indicators of compromise for CTI consumption
Work on proactive exercising and simulations, such as tabletops and purple teams
Work alongside the EMEA team in a follow-the-sun model for large engagements
Be eligible for on-call responsibilities and meet SLAs for incoming incidents
Develop and implement remediation plans in conjunction with incident response
Form and articulate expert opinions based on findings
Produce comprehensive and accurate oral and written reports and presentations for both technical and executive audiences
Effectively communicate and interface with clients, both technically and strategically, from the executive level to client stakeholders and legal counsel
Support leadership in properly scoping engagements with innovative methodical approaches, based on client requirements
Participate in engagements from kickoff through remediation, either on premises or remote, depending on client requirements
Collaborate well with a highly experienced and diverse team of talent, in support of one mission - providing expert incident response services to our clients
Travel to on-site incident locations for acquisition, support, and engagement delivery both in and out of the country will be required for this position, with the requirement to travel up to 50%.
Qualifications & Experience
Bachelor's Degree or relevant investigative experience
Security certifications such as: CISSP, SANS GIAC (GCFA, GCIH, GCFR), BTL1, or similar
Expert knowledge of forensic file system and memory techniques and use of the most commonly used toolsets, such as EnCase and FTK Suite
Deep technical knowledge of methods utilized for evidence collection, maintenance of chain of custody and associated documentation, evidence storage and analysis and evidentiary reporting
Thorough understanding of cyber security operations, security monitoring, EDR and SIEM tools, such as CrowdStrike and Splunk
Detailed knowledge of Windows & Unix based operating systems and administrative tools
Windows disk and memory forensics
Unix or Linux disk and memory forensics
Network traffic and protocol analysis utilizing tools such as Wireshark
Strong knowledge of incident response, forensics and investigation processes
Knowledge of IDA Pro, OllyDbg, other disassemblers/debuggers
Applied knowledge of security controls such as authentication and identity management, security enhanced network architectures and application-based controls (including Windows, Unix, and network equipment)
Knowledge of static and dynamic malware analysis
Excellent time management, writing and communication skills
Strong analytic, qualitative, and quantitative reasoning skills
Minimum 3 years of comparable experience
Relevant industry certifications valuable
Language skills
- English