Senior Cyber Security Incident Responder

Ref No. 23825
Remote
Posted 04 Oct 2022

Overview

Salary: Please contact us

Employment: Permanent

Job description

Looking for an incident management role where you can work fully remotely for an established and reputable Cyber Defence team?

If you’ve managed a range of cyber security incidents, from large-scale vulnerabilities to data exploitation to breaches of containers, we want to hear from you!

The role:

  • Stakeholder management is a big part of this role. It involves working with C-Suite 3rd party stakeholders, so you will need to be able to adapt your communication approach and explain technical terminology in a non-technical way.
  • There is a focus on cloud and malware. If you’ve worked with one and are looking to upskill in the other, this role offers the training.
  • DLP is part of the role but not the focus, so it isn’t suitable for DLP specialists.

The company:

  • With a reputation for being one of the UK’s best employers for the last quarter of a century, this company has mastered how to retain the growing team, and that’s through consistent learning opportunities and ongoing progression.
  • They’re always at the forefront of technology and constantly implement the most modern and cutting-edge tools and frameworks.
  • They have a remote-first approach to working. They value a work-life balance and want to offer as much flexibility to the team as possible.

The Tech:

  • Windows, Linux & Mac
  • Scripting in languages such as Python, PowerShell, and Bash. 
  • Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks. 

 

The Experience required:

 

  • Strong knowledge of multi-cloud incident response, including but not limited to: 
    • Investigation into relevant logs such as Prisma, Sentinel, Defender, etc.
    • Cloud-native automation of containment activities. 
    • Collaboration with application and infrastructure to understand cloud attack vectors and security measures required.
    • SaaS application investigations and relationship management
  • Experience in reverse-engineering malware samples and C2 protocols, including but not limited to:
    • Reverse engineering recently discovered malware variants and their respective C2 infrastructure and targets. 
    • Research into the latest malware detection evasion techniques.
    • Creation of detection rules and/or provision of detection or blocking recommendations.

‘Apply Now’ to be considered or contact Kim for a confidential chat: k.gibbons@intapeople.com

Your consultant

Kim Gibbons

IT Team Lead

Get in touch:

k.gibbons@intapeople.com