Cyber Security Specialists

Global Search Consultancy

Senior Incident Response Analyst (24/01/21CR)

Job type: Permanent, Full time

Location: Home based

Salary: Competitive

Sector: DFIR

Job description

We are excited to offer an opportunity to join a growing Global Incident Response Team focused on helping command incident response activities across multiple global offices. If you are someone who likes spending their time hunting and researching the cyber threat landscape whilst also being able to lead an Incident response investigation when called upon, then this could be for you.

Responsibilities: 

  • Execute incident response processes to respond to security threats and attacks.
  • Proactive threat hunting activities leveraging intelligence from multiple internal and external sources.
  • Help create detection mechanisms and rules based on investigations owned by Incident Response.
  • Assist in the design, evaluation, and implementation of new security technologies focused on deception technologies, cloud and containerized environments.
  • Conduct IR tabletops and blue team scenarios globally to test the organisation's security posture.
  • Global travel will be required from time to time.

Requirements & Skill-Set

  • Extensive experience in several cyber security disciplines 
  • Experience identifying, investigating, and responding to complex attacks
  • Experience with investigative technologies such as SIEM, packet capture analysis, host forensics and memory analysis tools.
  • Strong understanding of the threat landscape in terms of the tactics, techniques and procedures of threat actors employing both commodity and custom malware
  • Understanding of networking and security fundamentals and administration of Windows, Unix/Linux, and Macintosh.
  • Incident Response experience at scale, including the use of automation, scripting manual responses when needed, and API usage.
  • Help conduct IR tabletop exercises and blue team scenarios globally.
  • Experience with Docker and Kubernetes.
  • Knowledge of one or more programming and scripting languages.
  • Experience with protecting and responding to incidents within the open-source security stack.
  • Conducted your own research into emerging technologies, and maybe published a blog or two!
  • Ability not only to use enterprise tools to accomplish the objectives, but to achieve the same outcomes using other means, including manual investigations.

This is a great opportunity to join a global organisation with hardly any red tape! Go ahead and apply now. 

Applications for this position have closed