| Job Title: | Incident Response and Digital Forensic Lead Consultant |
| Contract Type: | Contract |
| Location: | England |
| Industry: | |
| Salary: | Negotiable |
| Start Date: | ASAP |
| Duration: | 3-mnths rolling |
| REF: | FJS-C-IncidReport_AD_1620763825 |
| Contact Name: | Alice Davis |
| Contact Email: | alice.davis@projectpeople.com |
| Job Published: | almost 3 years ago |
Job Description
Incident Response and Digital Forensic Lead Consultant (PICERL/Cyber Kill Chain/ SIEM/ EDR/ IPS/ IDS / Azure/ AWS/ MITRE ATT&CK framework) is urgently required by our Global IT Services Client, for a rolling 3-month, home based contract.
We are looking for a candidate with a combination in the following:
- Understand the incident response framework and the tasks associated at each stage (PICERL).
- Understanding of the Cyber Kill Chain.
- Provide analytical triage of alert/event data.
- Knowledge of SIEM, EDR, IPS/IDS and other network security technologies.
- Assist with scoping prospective engagements.
- Customer focus - Be able to communicate with customer points of contact and provide incident updates to various stakeholders. -
- Acquisition of cloud data (Azure, AWS).
- Perform host based investigations (including memory and image acquisition).
- Display strong network investigative and diagnosis skills.
- Produce preliminary and ongoing timeline of attack activities.
- Produce high level clear and concise investigative reports.
- Carry out threat hunting engagements within customer environments utilising the latest threat intelligence and aligning to the MITRE ATT&CK framework.
- Utilise automation technologies to enable the swift deployment of Incident Response tooling and customer communication channels.
- Identify and manage IOCs
- Assist with developing and running tabletop exercises.
- Perform onboarding activities for IR customers
- Proactively update and create playbooks where necessary.
- Knowledge of malware analysis.
- At least the ability to obtain security clearance, better if already have it
- Posses or in the process of studying for one or more of the following certifications: GREM, GCFA, GCFE.
Technical Knowledge
- Digital Forensics
- Host/Network Intrusion Analysis
- Unix/Linux
- Windows (Endpoint and Server)
- Experience working with network security products (EDR, IPS, Web Proxy, etc.)
- Experience in creating and maintaining incident response plans.
This is a very urgent role. Please apply as soon as possible if you would like to be considered.
Project People is acting as an Employment Business in relation to this vacancy.
SIMILAR ROLES
-
3rd Line WAN Network Support & Project Engineer
Location: Solihull
Salary: Negotiable
-
First Line Support Agent
Location: Bracknell
Salary: Negotiable
-
1st Line Technical Support Agent
Location: Bracknell
Salary: Negotiable
-
Data Center Engineer _ Mandarin speaking
Location: Newport
Salary: Negotiable
-
Security Architect
Location: Hampshire
Salary: Negotiable
-
Infrastructure/Data Comms Project Manager (CSCS/ECS)
Location: London
Salary: Negotiable