Incident Response Lead

Job Title: Incident Response Lead
Contract Type: Contract
Location: England
Salary: Negotiable
REF: FJS- IRL- IA_1620733746
Contact Name: Ilknur Astarci
Contact Email:
Job Published: over 1 year ago

Job Description

Start: ASAP

Location: Home working

Essential Skills

  • Customer focus - Be able to communicate with customer points of contact and provide incident updates to various stakeholders.
  • Produce high-level, clear and concise investigative reports.
  • Assist with developing and running tabletop exercises.
  • Experience in creating and maintaining incident response plans.

Incident Response and Digital Forensic Required Skills & Experience

  • Understand the incident response framework and the tasks associated with each stage (PICERL).
  • Understanding of the Cyber Kill Chain.
  • Provide analytical triage of alert/event data.
  • Knowledge of SIEM, EDR, IPS/IDS and other network security technologies.
  • Assist with scoping prospective engagements.
  • Acquisition of cloud data (Azure, AWS).
  • Perform host-based investigations (including memory and image acquisition).
  • Display strong network investigative and diagnosis skills.
  • Produce preliminary and ongoing timelines of attack activities.
  • Carry out threat hunting engagements within customer environments utilising the latest threat intelligence and aligning to the MITRE ATT&CK framework.
  • Utilise automation technologies to enable the swift deployment of Incident Response tooling and customer communication channels.
  • Identify and manage IOCs.
  • Perform onboarding activities for IR customers.
  • Proactively update and create playbooks where necessary.
  • Knowledge of malware analysis.
  • Able to obtain security clearance at a minimum; already holding clearance is preferred.
  • Possess, or be in the process of studying for, one or more of the following certifications: GREM, GCFA, GCFE.

Technical Knowledge

  • Digital Forensics
  • Host/Network Intrusion Analysis
  • Unix/Linux
  • Windows (Endpoint and Server)
  • Experience working with network security products (EDR, IPS, Web Proxy, etc.)

Project People is acting as an Employment Business in relation to this vacancy.