The Security Incident Response Engineer will provide technical expertise in serving the firm's incident response, processes, and activities. The Incident response engineer will work to identify, analyse, and respond to potential threats to the firm.
Working at Baker McKenzie:
Baker McKenzie is the world’s leading law firm with offices all over the world. Our Belfast Centre is home to over 400 teammates in both legal and professional services such as finance, IT, marketing, and business support.
We offer one of the best workplace benefits packages in the business with comprehensive private health cover, income protection, life assurance and a full employee assistance plan. These and a host of other benefits make us one of the most desirable companies to work for in Belfast.
We are committed to promoting inclusion, diversity, and equity for all and are confident we can provide a career as individual and as exceptional as you.
About the role:
As part of this role, the successful candidate will:
- Provide security expertise in incident response to protect and mitigate the firm from information security threats.
- Assist with digital forensics expertise and have excellent knowledge of current and emerging threats.
- Think both like an attacker and a defender to work through IR incidents or events to the conclusion.
To be successful in this role you will need:
Skills and Experience:
- Computer Science Bachelor’s degree or substantial equivalent experience
- Experience of CISSP, OSCP, CEH or SANS GCFE, GCFA, GNFA, GCTI, GREM, or GCIH
- Extensive experience of security Incident response in an enterprise environment
- Strong experience of windows systems forensics, diagnostics and image acquisition strategies
- Audit, asses and evaluate emerging vulnerabilities in cyber threat landscape.
- Experience of CSIRT leadership throughout incident lifecycle
- Good understanding to TCP/IP protocols and experience of wireshark and packet analysis tools
- Excellent knowledge of Application security controls and penetration testing methodologies
- Confident in scripting, python or similar language
- Experience of Risk analysis and reporting to executive level
- Experience of designing IR policies and implementation of IR procedures
- Extensive experience of SIEM and log analytics
- SOAR knowledge for IR automation and remediation
- Working knowledge of cloud security technologies, standards, and controls
- Expert analytical skills, including the gathering and analysing of facts, formulating objective conclusions modified by subjective and experience-based qualifiers when appropriate, defining problems, and promoting solutions
- Ability to adapt, integrate, and modify existing programs or vendor-supplied package programs for use with existing information systems
- Proficient in oral and written English
- Ability to be productive and maintain focus without direct supervision