Job Title: | Incident Response and Digital Forensic Lead Consultant |
Contract Type: | Contract |
Location: | England |
Industry: | |
Salary: | Negotiable |
Start Date: | ASAP |
Duration: | 3 months rolling |
REF: | FJS-C-IncidReport_AD_1620763825 |
Contact Name: | Alice Davis |
Contact Email: | alice.davis@projectpeople.com |
Job Published: | about 4 years ago |
Job Description
Incident Response and Digital Forensic Lead Consultant (PICERL / Cyber Kill Chain / SIEM / EDR / IPS / IDS / Azure / AWS / MITRE ATT&CK framework) is urgently required by our Global IT Services Client for a rolling 3-month, home-based contract.
We are looking for a candidate with a combination of the following:
- Understand the incident response framework and the tasks associated at each stage (PICERL).
- Understanding of the Cyber Kill Chain.
- Provide analytical triage of alert/event data.
- Knowledge of SIEM, EDR, IPS/IDS and other network security technologies.
- Assist with scoping prospective engagements.
- Customer focus: be able to communicate with customer points of contact and provide incident updates to various stakeholders.
- Acquisition of cloud data (Azure, AWS).
- Perform host-based investigations (including memory and image acquisition).
- Display strong network investigative and diagnosis skills.
- Produce a preliminary and ongoing timeline of attack activities.
- Produce high-level, clear and concise investigative reports.
- Carry out threat hunting engagements within customer environments utilising the latest threat intelligence and aligning to the MITRE ATT&CK framework.
- Utilise automation technologies to enable the swift deployment of Incident Response tooling and customer communication channels.
- Identify and manage IOCs.
- Assist with developing and running tabletop exercises.
- Perform onboarding activities for IR customers.
- Proactively update and create playbooks where necessary.
- Knowledge of malware analysis.
- At minimum, the ability to obtain security clearance; already holding it is preferred.
- Possess, or be in the process of studying for, one or more of the following certifications: GREM, GCFA, GCFE.
Technical Knowledge
- Digital Forensics
- Host/Network Intrusion Analysis
- Unix/Linux
- Windows (Endpoint and Server)
- Experience working with network security products (EDR, IPS, Web Proxy, etc.)
- Experience in creating and maintaining incident response plans.
This is a very urgent role. Please apply as soon as possible if you would like to be considered.
Project People is acting as an Employment Business in relation to this vacancy.
