Senior Analyst/Consulting SME | Incident Response | New York/Remote
A fantastic opportunity for a Senior Level Cyber Security Incident Response Analyst/Consultant to join a leading global consultancy within the Cyber Security Team. Reporting directly to the Head of Incident Response, this is an opportunity to lead information security consultancy engagements with external clients as well as supporting internal information security programs, facilitating the growth of the US practice and mentoring junior consultants. If you are experienced in responding to cyber breaches, performing forensics investigations, and assessing and planning for events, and have a broad and solid knowledge of information security encompassing a good understanding of the practical application of security technology as well as its theory, then this is 100% the next move for you! You will be delivering information security consulting projects across a range of disciplines into small, medium and enterprise organizations and must be a strong communicator who is comfortable interacting with people at all levels from the C-Suite to technical teams.
MAIN DUTIES AND RESPONSIBILITIES
• Deliver incident response consulting to external clients across a broad range of industries
• Perform host- and network-based cyber breach incident response investigations that include:
  – Triage
  – System recovery
  – Technical evidence collection
  – Forensics, log, malware and root cause analyses
  – Identify attacker tools, tactics and procedures
  – Develop incident management plans, deliver training, and conduct table-top exercises
  – Document and maintain internal incident response policies and procedures and support the build and evolution of tools and frameworks
• Lead on cyber security pre-breach engagements, which include:
  – Information security controls assessments
  – Risk assessments
  – Vulnerability assessments
  – Regulatory and compliance assessments
  – Develop and deliver security awareness training
  – Contribute to marketing and business development efforts
• Document and maintain incident response policies and procedures
• Participate in an on-call rotation to provide 24x7x365 client incident coverage
SKILLS, QUALIFICATIONS, & EXPERIENCE
The qualifications and experience to perform this role successfully are:
• Advanced working knowledge of endpoint, memory and network forensics tools (such as FTK, EnCase, Volatility, SIFT, Wireshark)
• Able to perform malware analysis (static and dynamic)
• Knowledge of at least one scripting language (like Python, Ruby, PHP or PowerShell) that can be utilized to automate tasks is highly desirable
• Excellent writing and presentation skills with the ability to convey complex technical information clearly and concisely and tailored to any audience, including C-suite
• Network administration understanding to include configuration of firewalls, switches and routers is preferred
• Sound knowledge of security tools such as SIEM, firewalls, IDS/IPS, proxies, AV is preferred
• Certifications such as CREST, GNFA, GCFA, GCFE, GCIA, GCIH, GREM, CCIM, EnCE, EnCEP, ACE are highly desirable.