Description
A 6 month contract position (with a high possibility of extension), as an Incident Response Associate, working for a Big 4 Consultancy who are offering a competitive day rate. Complete remote working initially, potentially on-site requirement after the 6 months.
Skills and Experience
- Extensive proven experience in Cyber Security Incident Response for large scale organisations
- Strong IT and network skills - knowledge of common enterprise technologies - Windows and Windows Active Directory, Linux, Cisco, etc.
- Advanced experience in industry forensic tools such as X-Ways, EnCase, FTK, Internet Evidence Finder (IEF)/AXIOM, TZWorks, and/or Cellebrite
- Strong experience in preservation of digital evidence (including experience preserving cloud data and handling encryption such as BitLocker, FileVault, and/or LUKS)
- Experience defining incident response team structures, incident response plans and playbooks.
- Experience with and understanding of enterprise Windows security controls
Qualifications
- General information security certificates such CISSP, CISM or CISA (Preferred)
- Incident Response specialist certifications such as Crest and GIAC (Preferred)
- Excellent communication skills (both written and oral) and project management skills.
- Ability to prioritize and manage a complex workload, including multiple tasks for themselves
- Excellent attention to detail, as well as the ability to see the bigger picture
Background
Working with a world renowned financial organisation, we are in search of anIncident Response Associate to work within theIncident Response & Investigations Team, who are undergoing transformation to maximise their effectiveness and success in the management of both technical and non- technical Security Incidents affecting the Firm.
Key Responsibilities
- Working as part of the firms Incident Response & Investigations team to design, communicate and execute incident response, containment and remediation plans.
- Managing a broad range of Cyber Security and Information Security incidents, gathering evidence including the collecting and analysing of logs and digital forensics. Establishing whether the unauthorised access to or data exfiltration has occurred and identifying and reporting on remediation activities.
- When not responding to incidents, you will be helping to develop our own delivery capability, including operational efficiency, standard operating procedures, team learning and development, tooling and platforms, lab development and orchestration.
- This role will include providing on-call Incident Response cover on a rota basis with other members of the Incident Response & Investigations Team.
For further information about this truly exciting opportunity and for an immediate online interview, please get in touch without delay!