Incident Response and Digital Forensic Lead Consultant

Incident Response and Digital Forensic Lead Consultant (PICERL/Cyber Kill Chain/ SIEM/ EDR/ IPS/ IDS / Azure/ AWS/ MITRE ATT&CK framework) is urgently required by our Global IT Services Client, for a rolling 3-month, home based contract.

We are looking for a candidate with a combination in the following:

• Understand the incident response framework and the tasks associated at each stage (PICERL).
• Understanding of the Cyber Kill Chain.
• Provide analytical triage of alert/event data.
• Knowledge of SIEM, EDR, IPS/IDS and other network security technologies.
• Assist with scoping prospective engagements.
• Customer focus - Be able to communicate with customer points of contact and provide incident updates to various stakeholders. -
• Acquisition of cloud data (Azure, AWS).
• Perform host based investigations (including memory and image acquisition).
• Display strong network investigative and diagnosis skills.
• Produce preliminary and ongoing timeline of attack activities.
• Produce high level clear and concise investigative reports.
• Carry out threat hunting engagements within customer environments utilising the latest threat intelligence and aligning to the MITRE ATT&CK framework.
• Utilise automation technologies to enable the swift deployment of Incident Response tooling and customer communication channels.
• Identify and manage IOCs
• Assist with developing and running tabletop exercises.
• Perform onboarding activities for IR customers
• Proactively update and create playbooks where necessary.
• Knowledge of malware analysis.
• At least the ability to obtain security clearance, better if already have it
• Posses or in the process of studying for one or more of the following certifications: GREM, GCFA, GCFE.

Technical Knowledge

• Digital Forensics
• Host/Network Intrusion Analysis
• Unix/Linux
• Windows (Endpoint and Server)
• Experience working with network security products (EDR, IPS, Web Proxy, etc.)
• Experience in creating and maintaining incident response plans.

This is a very urgent role. Please apply as soon as possible if you would like to be considered.

Project People is acting as an Employment Business in relation to this vacancy.