Consultant/Senior Consultant - Incident Response - Cyber Security

Basic :

- Minimum 4+ years experience in Cyber-security and Bachelor's degree or equivalent combination of related work experience and schooling/certifications in lieu of degree

- Interface with Incident Response and knowledge of the IR lifecycle.

- Proven experience and knowledge of handling different kinds of incidents including APT, ransomware, etc.

- Capability of operating independently and in a team environment as part of a geographically dispersed virtual team with minimal supervision.

- Proficiency with EnCase, FTK, KAPE, volatility and other tools to investigate incidents- root cause

- Proven ability to troubleshoot and solve technical issues

- Ability to travel domestically and internationally

Certification Required:

The candidate must possess at least one relevant professional designation or related advanced IT certification, but not limited to the following will be considered an advantage:

- GIAC Certified Incident Handler (GCIH)

- GIAC Certified Forensic Analyst (GCFA)

- GIAC Certified Intrusion Analyst (GCIA)

- GIAC Network Forensics Analysts (GNFA)

- GIAC Reverse Engineering Malware (GREM)

- Certified Ethical Hacker (CEH)

The candidate shall perform specific activities that include, but not limited to the following:

- Identify, contain, mitigate, recover, and report on cyber-security incidents affecting the enterprise, business, and subsidiary networks globally.

- Analyse and investigate adverse events and incidents using an enterprise security information and event monitoring (SIEM), logs from firewalls, IDS/IPS, proxies, servers, endpoints and other network devices to determine threats, attack vector, indicators of compromise, threat's tactics techniques and procedures, scope of activity, and appropriate response.

- Collaborate and coordinate with peers and stakeholders across clients, global functional and business unit teams as needed to analyse and respond to adverse events and incidents.

- Conduct threat hunts in client environment to proactively search for threats within the environment that may go undetected by conventional network security monitoring or defences.

- Utilize cyber security tools to actively hunt for threats in the enterprise network.

- Be aware of the latest threats, their TTPs and IOAs / IOCs, vulnerabilities, exploits, and other relevant threat information and trends on threat actors and attacks conducted.

- Collaborate with clients to improve detection and monitoring, develop cyber defences, and perform advanced network and host analysis.

- Ability and willingness to share on-call responsibilities, and work non-standard hours as needed.

- Onsite travel is required

- Naturally curious and inquisitive nature; persistent and determined; enjoys solving problems and puzzles; analytically rigorous; uncompromising integrity; ethical.

- Excellent social, written and verbal communication skills; must be able to clearly and concisely present analytical data to a variety of technical and non-technical peers, and management.