Send me more jobs like this

Sorry, This job is expired.

Consultant, Incident Response & Forensics

Keywords / Skills : Consultant, Incident Response & Forensics

Posted: 2019-04-15

Industry
Recruitment/Staffing/RPO
Function
IT
Role
Software Engineer/Programmer
Posted On
15th Apr 2019
Job Ref code
493559000000370023
Job Description
Job Description :

IR / Forensics Managing Consultant you will join part of an industry leading team where you will be focused on providing incident response, threat analysis, and program management to our client base. You will be responsible for incident response and threat analysis process development for customers, as well as using your incident response skills to help identify and contain security breaches. You will also brief senior executives on threats in their environment and their industry, based on client's wealth of threat intelligence. We encourage give back to the community and strongly support sharing of expertise through authoring whitepapers, developing free tools, and speaking at conferences.

Responsibilities:
  • Develop custom reports based on data from multiple sources, including appliances, threat intelligence, network sensors, and outside intelligence feeds
  • Present technical material in a clear, organized briefing to a mix of technical and non-technical personnel
  • Identify opportunities to integrate appliances with other security products in customers network
  • Develop custom reports and other custom configurations / use cases for products within customers environment
  • Help determine the extent of the compromise, attributes of any malware and possible data ex-filtrated
  • Develop, document and manage containment strategy
  • Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response


Requirements
  • 4 or more years experience in an analytical role of either network forensics analyst, threat analyst, incident response or security engineer/ consultant
  • One or more of the following technical certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), EnCE or equivalent certifications in these areas
  • Experience developing and managing incident response programs
  • Expertise in analysis of TCP/IP network communication protocols
  • Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
  • Experience with advanced computer exploitation methodologies
  • Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats
  • Ability to synthe data from multiple sources and present concise, relevant information to a non-technical audience
  • Experience with a scripting language such as Perl, Python, or other scripting language in an incident handling environment, highly desired


Additional Qualifications:
  • Excellent communication and presentation skills with the ability to present to a variety of external audiences, including being able to interact with senior executives
  • Exceptional written communication
  • Strong leadership skills with the ability to prioritize and execute in a methodical and disciplined manner
  • Ability to set and manage expectations with senior stake-holders and team members
  • Excellent knowledge of current information security solutions and technologies, including network and host based products
  • Experience implementing NIST information security guidelines in a diverse network environment
  • Experience and knowledge of packet flow/TCP/UDP traffic, firewall technologies, proxy technologies, anti-virus, spam and spyware solutions (Gateway and SaaS)
  • Malware/security experience
  • Programming / scripting skills, highly desired






Walkin for you