October 24, 2007


Senior Incident Response Analyst

Location: New York, NY
Date Posted: 04-25-2019

This is an exciting role to suit a passionate and keen cyber security enthusiast. The role is both to deliver IR engagements and to develop incident response capabilities within the services provided. The candidate will be involved in a wide range of activities, from pre-sales, SOC escalations and incidents, and direct IR engagements to enhancing and developing the service. We provide both first-line IR services and extensive IR consultancy to large organizations where the development and maturity of customers' in-house IR capabilities is needed. Integrating with our own SOC Maturity Model, you will be involved in the delivery of purple teaming consultancy, IR maturity reviews, post red team IR assessments, and proactive IR simulations and readiness workshops. We have active involvement in the key bodies that are shaping this maturing area, and this role will require active leadership within this.

We believe that a solid understanding of real-life attacks is essential in any high-quality incident response service. Proven experience with offensive security (penetration testing), as well as incident response, networking and endpoint solutions, are all distinct advantages.

  • Manage and develop the IR service offerings and capability technically and commercially
  • Be able to guide, influence and provide thought leadership within incident response services
  • Be able to work with the team to lead, and have managed, complex/sophisticated IR investigations
  • Work alongside Senior IR team members and manage incidents in line with industry standards and practices
  • Deliver purple teaming management, red team post-event IR assessments and desktop/real-life IR simulations at a technical and executive level
  • Work with the sales team and manage pre-sales calls and meetings
  • Demonstrate IR capability to senior managers and explain the benefits to C-Level

Proven Experience
  • Experience of offensive security (i.e. pen testing)
  • Be hands-on familiar with IR toolsets and investigation techniques
  • Knowledge and experience with proactive threat hunting techniques and procedures
  • Understand what sophisticated, real-world attacks look like and how to identify TTPs within log data
  • Have experience with and knowledge of threat intelligence, honeypots and 3rd party TI feeds

Qualifications in any of the following areas:
  • IT Security related degree.
  • Hold, or be able to sit and pass, one of the CREST Incident Response exams within 3 months
  • In-depth knowledge of operating systems – Windows & Linux
  • In-depth knowledge of firewalls & IDS/IPS
  • In-depth knowledge of malware and reverse engineering
  • Experience with OSINT and threat intelligence gathering methods
  • Excellent verbal, written and presentation skills
  • Collaborative attitude and must be able to co-ordinate with teams across continents.

  • Industry standard information security certification (CISSP, CISM etc)
  • Hold a CREST (or other industry related exam) in Penetration Testing (CRT, CCT, etc)
  • Hold SANS or CREST exams in IR around Management, Host, Network or Malware
  • Ideally have worked within defensive and offensive areas for 2-5 years and been involved in deep-dive, sophisticated, advanced investigations.
