Marcus Donald are currently looking for a Senior Incident Response Analyst to join a global Investment Bank – an amazing business! We are looking to speak with someone with strong Enterprise Incident Response and experience supporting the Security Operations Centre (SOC), who possesses 4+ years professional experience in Cyber Security!
Amongst many other areas, you will be responsible for cyber security investigations and incident handling and will perform memory, cloud, and network forensics with either Linux or Windows.
Day Rate: £500 - £650 p/d
Senior Incident Response Analyst – Responsibilities:
- Lead and coordinate the investigation effort for cyber security incidents
- Conduct live response analysis, network analysis, log analysis, and malware triage in support of incident response investigation
- Work with various security/internal teams to contain, remediate and escalate (where required) security incidents
- Support L1 triage activities and L3 threat hunting missions as needed
- Provide assistance and guidance to L1 Event Monitoring and Triage team by monitoring of SIEM, CSOC mailboxes, and the case management system for attacker activity.
- Provide assistance and support to L3 Advanced Threat Detection team through execution of developed threat hunting missions, threat research, and profiling of potential threats
- Conduct in-depth log analysis (windows Linux), memory forensics, cloud forensics and network forensics.
Incident Response Specialist – Technical:
- Knowledge of Firewall, IDS/IPS, Antivirus, SIEM, Web Proxy & Web Application Firewall
- Functional knowledge of Cyber Security and Incident Response foundations, theory, terminology (Kill Chain, TTPs, APT, IOCs, etc.)
- Experience with Splunk, ELK/Elastic or other transferrable tools
- Malware, Network, Web, and Forensic analysis skills
- Understanding of the Cyber Kill Chain, APT TTP and Threat Intelligence
- Hypothesis-based Threat Hunting in an Enterprise environment
- Confidence to make recommendations to knowledge-based platforms, playbooks and assist with identifying operational areas of improvement
This is an amazing opportunity for a Cyber Security specialist who can identify and triage security incidents such as Malware, Phishing and Web Attacks to become part of a fantastic organisation with huge plans in place for the next 5 years! To see the full JD and register your interest feel free to apply online or drop me an email - email@example.com.