Basic:
- Minimum 4+ years of experience in cyber-security and a Bachelor's degree, or an equivalent combination of related work experience and schooling/certifications in lieu of a degree
- Interface with Incident Response and knowledge of the IR lifecycle
- Proven experience and knowledge of handling different kinds of incidents, including APT, ransomware, etc.
- Capability of operating independently and in a team environment as part of a geographically dispersed virtual team with minimal supervision.
- Proficiency with EnCase, FTK, KAPE, Volatility and other tools to investigate incidents and determine root cause
- Proven ability to troubleshoot and solve technical issues
- Ability to travel domestically and internationally
Certification Required:
The candidate must possess at least one relevant professional designation or related advanced IT certification; certifications including, but not limited to, the following will be considered an advantage:
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Network Forensic Analyst (GNFA)
- GIAC Reverse Engineering Malware (GREM)
- Certified Ethical Hacker (CEH)
The candidate shall perform specific activities that include, but are not limited to, the following:
- Identify, contain, mitigate, recover, and report on cyber-security incidents affecting the enterprise, business, and subsidiary networks globally.
- Analyse and investigate adverse events and incidents using an enterprise security information and event monitoring (SIEM) system and logs from firewalls, IDS/IPS, proxies, servers, endpoints and other network devices to determine threats, attack vectors, indicators of compromise, the threat's tactics, techniques and procedures, scope of activity, and the appropriate response.
- Collaborate and coordinate with peers and stakeholders across clients, global functional and business unit teams as needed to analyse and respond to adverse events and incidents.
- Conduct threat hunts in client environments to proactively search for threats that may go undetected by conventional network security monitoring or defences.
- Utilize cyber security tools to actively hunt for threats in the enterprise network.
- Stay aware of the latest threats, their TTPs and IOAs/IOCs, vulnerabilities, exploits, and other relevant threat information and trends on threat actors and the attacks they conduct.
- Collaborate with clients to improve detection and monitoring, develop cyber defences, and perform advanced network and host analysis.
- Ability and willingness to share on-call responsibilities, and work non-standard hours as needed.
- Onsite travel is required.
- Naturally curious and inquisitive nature; persistent and determined; enjoys solving problems and puzzles; analytically rigorous; uncompromising integrity; ethical.
- Excellent social, written and verbal communication skills; must be able to clearly and concisely present analytical data to a variety of technical and non-technical peers, and management.