Job Description: Cyber Incident Response Specialist should analyze and responds to complex and large cyber incidents. Use cyber investigation and cybersecurity tools to identify threats on systems or networks. Conduct analyses related to forensic investigations, cybercrimes, and/or cyberattacks. Analyse security logs, monitoring logs, firewall logs and intrusion prevention system logs. Perform threat management and protection against threats including malware, phishing, hacking and DDoS. Conduct computer forensic analysis, maintaining chain of custody and testifying on evidence collected. Malware analysis, reverse engineering and decoding the threat behavior. Investigate and provide recommendations to identify gaps from the incident. Advise clients on how to improve their cyber incident readiness. Review and update incident management procedures. Familiarity with Cyber Kill Chain Methodology, MITRE ATT&CK Framework, NIST Cybersecurity Framework (CSF), etc. Additionally, Cyber Incident Response Specialist should develop and maintain thorough, up-to-date knowledge of cybersecurity threats and incident response best practices. Collaborate with peers and stakeholders to establish and ensure consistent response practices and prioritization of security events. Requirements: Relevant certifications in cybersecurity, e.g., CISSP, CEH, CISM, GCIH, GCFA, GNFA or similar. A graduate or post-graduate degree in Computer Science, Engineering or equivalent. Experience with Splunk, AXIOM, Volatility, Elastic Stack, Python etc. Experience deploying and monitoring EDR Solutions. Broad knowledge of OS, Networking, and cloud technologies, perhaps gained as a sysadmin, DevOps or security engineer. Good understanding of information security and privacy requirements.
