Cyber Incident Responder

Type van engagement: Cyber response.

Beschrijving: Ellis IT is seeking a Cyber Incident Responder to handle a range of cyber incidents for law firms, corporate organisations, and law enforcement.

Minimaal aantal jaren ervaring: 4 Years.

Belangrijke vaardigheden vereist:

• Proven understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
• Strong understanding of enterprise grade technical security controls and defence in-depth practices.
• Experience in incident handling, threat hunting and threat intelligence.
• Experience of collecting logs from and utilising HIDS, IDS/IPS systems, SIEMs, AD controllers and firewalls.
• Experience in cloud-based infrastructure including Microsoft Azure and Office 365, Amazon AWS, and Google Cloud.

Verantwoordelijkheidsgebieden:

• Emergency incident response – mitigation and remediation.
• Manage and organise initial response activities remotely and onsite to contain cyber incidents for customers.
• Acquire and investigate server logs, firewall logs, intrusion detection system alerts, traffic logs and host system logs (particularly Office 365).
• Conduct forensic acquisitions of disks, RAM (and other volatile data), mobile telephone and other relevant devices.
• Perform malware analysis.