Department: Incident Response
Roles and Responsibilities:
- Investigate and analyse logs and security-related events via EDR/XDR/raw logs.
- Investigate using SIEM consoles.
- Live Disk forensics.
- TTP-based threat hunting.
- Identify and respond to cyber threats occurring within customer environments.
- Communicate and document findings to various customer audiences, including technical and executive teams.
- Collaborate and assist with core security and threat response teams.
- Actively research emerging Indicators of Compromise/Attack, exploits and vulnerabilities with the intent of operationalizing findings to better protect our customers.
Requirements:
- An innovative mindset and the drive to contribute to a team providing a best-in-class cybersecurity service.
- 2+ years of experience working in a SOC environment or on a computer security team in an IT environment.
- Experience with endpoint and network security monitoring.
- Experience administering and supporting Windows OS (both workstation and server) and one of the following: Apple or Linux-based operating systems (e.g. XP, Windows 7, 2003, 2008, OS X).
- Knowledge of common adversary tactics and techniques, e.g., obfuscation, persistence, defense evasion, etc.
- Knowledge of the MITRE ATT&CK framework.
- Knowledge of incident response procedures.
- Basic understanding of network traffic analysis, including TCP/IP, routing, switching, protocols, etc.
- Basic understanding of Windows event log analysis.
A plus if you have:
- Experience with SQL query construction.
- Experience with osquery.
- Programming and scripting skills, with proficient knowledge of PowerShell.