Senior Incident Responder
Location: Remote; or Washington
Salary: Up to 185k (annual salary)
Contact: Ross Gisondi
Contact email: r.gisondi@hamlynwilliams.com
Job ref: CSOC110
Published: 6 months ago
Expiry date: 2022-03-22
Responsibilities
- Oversee and participate in incident response.
- Analyze cyber threats and network intrusions.
- Oversee and participate in advanced forensic investigations (host and network).
- Assist in the development of security policies and procedures.
- Monitor security alerts, SIEM tools, host and network IDS, system logs, and firewall logs (Unix and Windows).
- Create and maintain incident response policy and procedure updates as needed.
- Mentor Level 2 and Level 1 analysts, and serve as the escalation point for security incidents.
Qualifications
- Ability to work in teams.
- Experience with SIEM software and IDS/IPS.
- Advanced knowledge and understanding of network devices and protocols.
- Experience with Mac OS, Windows, and Unix systems.
- Experience in event log analysis and ability to recognize emerging cyber intrusions/attacks.
- Ability to work in a high-pressure environment.
- Experience using Splunk.
- Experience with forensic tools FTK or EnCase.
One or more of these skills is desired: threat hunting, static/dynamic malware analysis, or reverse engineering. Scripting experience can be useful as well.