Description

The Security Incident Response Engineer will provide technical expertise in support of the firm's incident response processes and activities. The Incident Response Engineer will work to identify, analyze, and respond to potential threats to the firm.
 
Responsibilities:
  • Provide security expertise in incident response to protect the firm from information security threats and mitigate their impact
  • Contribute digital forensics expertise and maintain excellent knowledge of current and emerging threats
  • Think like both an attacker and a defender to work IR incidents or events through to their conclusion
 
Skills and Experience:
  • Computer Science Bachelor’s degree or substantial equivalent experience
  • Experience of CISSP, OSCP, CEH or SANS GCFE, GCFA, GNFA, GCTI, GREM, or GCIH
  • Extensive experience in security incident response in an enterprise environment
  • Strong experience in Windows systems forensics, diagnostics, and image acquisition strategies
  • Ability to audit, assess, and evaluate emerging vulnerabilities in the cyber threat landscape
  • Experience of CSIRT leadership throughout the incident lifecycle
  • Good understanding of TCP/IP protocols and experience of Wireshark and packet analysis tools
  • Excellent knowledge of application security controls and penetration testing methodologies
  • Confident in scripting in Python or a similar language
  • Experience in risk analysis and reporting to executive level
  • Experience in designing IR policies and implementing IR procedures
  • Extensive experience of SIEM and log analytics
  • SOAR knowledge for IR automation and remediation 
  • Working knowledge of cloud security technologies, standards, and controls
  • Expert analytical skills, including the gathering and analyzing of facts, formulating objective conclusions modified by subjective and experience-based qualifiers when appropriate, defining problems, and promoting solutions
  • Ability to adapt, integrate, and modify existing programs or vendor-supplied package programs for use with existing information systems
  • Proficient in oral and written English
  • Ability to be productive and maintain focus without direct supervision