Are you passionate DFIR professional? If yes, this opportunity is for you.
About Lab: We are building State-of-the-art Global Digital Forensic Incident Response (DFIR) Lab in GIDC. Our Lab has two divisions 1. Digital-Forensic 2. Digital-Incident- Response.
We focus to deliver diversified services including, DFIR Advisory, DFIR Lab Services, Web Policing, DFR Research and more.
What you get: In Fortune 500 company you will work on real-world critical cyber problems and make an impact by protecting our stakeholders from cybercrime.
What we are looking for: We are hiring for technically sound investigative team who can Investigate end-end Cyber Breaches.
Role: Cyber Incident Analyst / Digital Incident Investigator
This role works with global team to support Cyber Incidents across different regions and help customers to prepare for and respond to Cyber breaches. The role work independently on cases and get engaged with a globally distributed team.
Education & Certifications:
Bachelor`s Degree in Information Security or related discipline.
Certifications: CCNA, CEH, OSCP-(Offensive Security Certified Professional), OPST-(Professional Penetration Tester), eCPTT-(Certified Profession Penetration Tester), GCIH-(Certified Incident Handler), OPSA-(Professional Security Analyst), Security+, ISO 27035
5+ years professional IT or IT Security or Cyber Security experience
2+ years’ experience in Cyber Security Incident Response
Experience in conducting incident response investigations in a methodical way for organisations and investigating targeted threats impacting customer environments.
Experience in Application Programing, Databases and Scripting including Perl/Python/Ruby is desirable
Experience in Network security devices, including firewalls, Intrusion Prevention Systems, Intrusion Detection Systems, and so on.
Should have good understanding of TCP, IP, and other lower level network protocols, as well as common higher-level protocols such as HTTP, HTTPS, SMTP, POP3, FTP.
Experience in executing all phases of the incident-response-life-cycle: preparation, analysis, containment, eradication, remediation, recovery, and post-incident activity, including incident response functions such as host-based analytical functions, digital forensics, or malware analysis.
Experience administering, defending, or analyzing Windows, macOS or Linux
Experience in common types of Information Security threats, such as buffer overflows, cross site scripting, SQL injection, Phishing, Ransomware, and other techniques used to compromise security.
Experience in adopting Standard Frameworks including NIST, MITRE ATT&CK and Killchain.
Experience documenting and automating repetitive tasks and playbooks.
Experience with SIEM log analysis
Experience in conducting dynamic malware-analysis, memory-analysis and understanding of the reverse engineering process.
Analyst expect to lead technical investigations to reconstruct the chain of events that resulted in a cyber security incident or conduct log analysis.
Be comfortable chasing malware through systems and familiar with persistence mechanisms, injection methods and detection/evasion techniques.
Experience in Endpoint Detection and Response (EDR)/Network Security Monitoring (NSM)
Experience in Analyzing event logs/system logs, from Windows Operating Systems, Unix/Linux Operating Systems
Experience in Analyzing event logs/system logs from network devices, e.g. Cisco PIX/Switches/Routers, VPN gateways or network captures etc.
Ability to foster and develop strong client / stakeholders’ relationships.
Good to have skills:
Exposure to ISO 17025 and ISO 27001
Digital Forensic Tools
ServiceNow Incident Management
Exposure to Assistant Chief Police Officer (ACPO) Guidelines
Go-getter attitude with a goal-oriented personality to be able to stay motivated with minimal supervision and showcase leadership abilities
Strong written and verbal communication skills to effectively clarify ideas in forms of reports as well as verbally
Ability to build and maintain strong relationships with the team and external stakeholders while providing conflict resolutions
Continuously monitoring opportunities for process improvement and best practices to benefit team and organizational initiatives
Passionate team player with an innovative personality to be able to inspire others and lead by example