Incident Response & Forensic Investigation Specialist

Your Responsibilities

• Examine and analyse data/logs from variety of security technologies, such as IDS/IPS, Firewalls, Switches, VPNs and other security threat data sources - includes forensic analysis of system resource access.
• Articulate and Execute Incident Response methods such as SANS
• Correlate and analyze events using the SIEM tools to detect IT security incidents
• Create, Follow and Present detailed process and procedures to appropriately analyze, escalate, and assist in containment, recovery and remediation of critical information security incidents
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services
• Work on-site as required with Clients during Live Security Incidents
• Document actions in reports or cases to effectively communicate information internally and to Customers
• Resolve problems independently and understand escalation procedure
• Champion excellence, and support others in the delivery of excellence, through active knowledge sharing with team members, writing technical articles for Internal Knowledge Bases, Blog Posts and Reports as required or requested
• Create and Present customer reports to ensure quality, accuracy and value to the Client
• Education and Training of other Analysts in execution of Incident Response processes and forensic analysis techniques

Your Qualifications

• Bachelors Degree in Computer Science, Information Systems, Electrical Engineering or a closely related degree
• 6+ years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis or threat detection
• Demonstrate experience handling Incident Response engagements using the SANS Incident Response method (or similar)
• Strong background or equivalent experience in one of the following: Security Threat and Event Analysis, Network Security Operations or Engineering or System Administration on Unix, Linux, Windows
• At least 2-3 years of experience as a Senior or Lead Analyst, or equivalent experience guiding, mentoring and teaching other Analysts/Security Professionals how to handle Security Incidents
• CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable