Job Details:
Successful candidates will be involved in a range ofSecurity Monitoring(SM) architecture OR ofIncident Response(IR) related activities for many of our largest global clients. These activities include:
*.
Designing SM / IR policies, procedures and protocols for our clients
*.
Assisting clients to build in-house capabilities in areas such as IR, SM, Security Operations centre (SOC), Security Information and Event Management (SIEM), etc
*.
Assisting to deploy SM-related technologies to clients’ networks
*.
Assessing clients’ current SM / IR capabilities
*.
Lead teams of more junior Security Monitoring analysts
*.
Assisting clients respond to, investigate and recover from security incidents
*.
Analysing malware
*.
Responding to security alert escalations
*.
Host and network forensics
In addition to strong technical skills, this role demands strong written and verbal communication skills. Prior to the start of engagements, it will be necessary to interact with (often senior-level) client contacts to fully understand the business context and nature of their requirements.
Candidate level
Candidates must have at least three years’ professional experience in the field of cybersecurity, at least one of which should be in a dedicated SM or IR role. Various roles exist across the firm’s consultant and managerial grades; candidates will be assessed based on their knowledge and experience and will be aligned with the most appropriate grade during the interview process.
#LI-P
Skills and attributes
Candidates will be expected to have experience in the majority of the following areas:
Security Monitoring
*.
SOC monitoring, design and architecture
*.
Architecture, administration and deployment of security solutions such as firewalls, IPSs and vulnerability identification / management systems
*.
Experience with Splunk, Fidelis or CarbonBlack is a plus
Incident Response
*.
Forensic data collection (evidence handling and data acquisitions)
*.
Forensic analysis and reporting
*.
Experience of malware analysis and reverse engineering
*.
Computer and server hardware implementation and administration
*.
Networking implementation and administration
*.
Prior IR experience in an enterprise environment
General
*.
Experience with Splunk, Fidelis or Carbon Black is a plus
*.
A degree in a technical field such as computer science, mathematics, engineering or similar (a Master’s degree in a relevant field would be a plus)
*.
Excellent written and verbal communication skills
*.
Strong presentation and facilitation skills
Candidates possessing any of the following qualifications will be at a distinct advantage:
*.
GCED - GIAC Certified Enterprise Defender
*.
GCIA – GIAC Certified Intrusion Analyst
*.
GCIH - GIAC Certified Incident Handler
*.
GCFA - GIAC Certified Forensic Analyst
*.
GNFA - GIAC Network Forensic Analyst
*.
GCFE - GIAC Certified Forensic Examiner
*.
GPPA - GIAC Certified Perimeter Protection Analyst
*.
GREM - GIAC Reverse Engineering Malware
*.
CCFP - Certified Cyber Forensics Professional
*.
GSEC - GIAC Security Essentials
*.
GREM – GIAC Reverse Engineering Malware
*.
ISSAP - Information Systems Security Architecture Professional (ISSAP)
*.
EMCTA - Technology Architect
*.
EMCPE - Platform Engineer
*.
EMCIE - Implementation Engineer
*.
Splunk Certification accreditation...
[Apply on company's page]
Follow @CareerSpaceInfo .. Subscribe to CareerSpace.info by Email »
No comments:
Post a Comment