Our client is building a new Cyber Security Operations Centre and is seeking a motivated Cyber Security Incident Response expert with demonstrated experience working within a large SOC environment to join the team. Working within a great, motivated team, you will have the opportunity to influence and shape the growth of the Cyber Security Operations Centre and the services it provides. This role will initially run until March 2021 and will be work-from-home to begin with.
- Act as the escalation point and Level 3 incident response expert for cyber security incidents identified by the Level 1 and Level 2 Security Analysts, external managed security service providers or the internal IT Service Desk.
- Provide coordination and guidance during confirmed cyber security incidents, by coordinating resources and directing the use of timely and appropriate countermeasures.
- Produce detailed incident reports outlining the circumstances around each event, as well as detailed post-incident investigations outlining lessons learned and opportunities for service improvement.
- Manage the continuous monitoring, detection and analysis of potential intrusions, both in real time and through historical trending of security-relevant data sources, in collaboration with the extended MSSP SOC/SIEM.
- Conduct vulnerability scans and identify vulnerabilities in security systems.
- Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
- Conduct vulnerability assessments
- Conduct impact assessments
- Provide guidance and assistance in the review and update of the Standard Operating Procedures and playbook catalogues.
- Provide expert knowledge and mentoring in relation to predicting, preventing, detecting and responding to cyber security threats, and assist in the design and operation of the core technologies used by the Cyber Security Operations Centre (CSOC) team.
- Experience in large enterprise environments, and experience working in a Cyber Security threat management, SOC or Level 3 Security Analyst position.
- Experience leading cyber incident response engagements (either in-house or as a consultant)
- Lateral thinker with a systematic approach to troubleshooting and analysis of cyber security incidents and threats.
- An understanding of networking protocols and infrastructure designs, including firewall functionality, routing, encryption, host and network intrusion detection systems, and load balancing.
- An understanding of the current threat landscape, response, and mitigation strategies used in cyber security.
- An understanding of attacker tactics, techniques and procedures and the cyber kill chain.
- Knowledge of scripting and programming languages
- Experience working on multiple operating systems/platforms
- Experience in utilising tools such as (but not limited to) debuggers, anomaly detectors, file analysers and network protocol analysers.
- Ability to complete post-mortem analysis of network logs, traffic flows and other activity to identify malicious activity on a network.
- The ability to analyse and reverse engineer various file types, including dynamic and static analysis of malware artefacts and binaries as well as other malicious attack files.
- A good understanding of the ISO 27000-series (ISO 27K) standards
- (ISC)2 CISSP
- Certifications such as CISA, GIAC, CEH will be highly regarded
If this sounds like you then we would love to hear from you. Apply Now! Or contact Vidya Sadawarte on 07 3003 7651 for a confidential discussion for more information.