CIRT Team Leader - Incident Response / Digital Forensic / Cyber Security
Salary: £65K (base) plus package
This is a rare opportunity to grow your career with a fast-growing Consultancy, starting as Team Leader for their Incident Response Team. Their growth is extremely rapid: they have won a significant amount of new business, are now expanding their UK teams and the services offered, and are looking at new overseas offices.
You will lead an experienced team in dealing with incident response projects, remotely and on client site (when required). The successful candidate will have the ability to lead response teams in order to take full control of incidents on behalf of a client and to provide substantial information re cause, impact and remediation.
You will have experience of commercial digital forensics, in either the public sector or private sector, and knowledge of the following:
- Conducting forensic imaging and acquisition of computer and storage media.
- Standard forensic toolsets, e.g. EnCase, FTK, DD, WFT, Linux forensic tools etc.
- Operating systems such as Linux / Windows / Mac.
- Experience of analysing forensic evidence, report writing and the ability to communicate complex technical data.
- Experience in working with an incident response team.
- Ability to provide technical analysis and direction for investigations.
- Knowledge of networking protocols and infrastructure designs, firewalls etc.
- Willingness to work out of hours when required.
- Knowledge of current cyber security strategies in relation to response and remediation.
- Active problem solver and skilled investigator.
- Ability to complete post-incident analysis in relation to traffic flow, network logs etc.
- The role will also include onsite customer visits, so the ability to travel (sometimes at short notice) is required; this may include overnight stays (when necessary).
- Certified Incident Handler (GCIH) or Certified Forensic Examiner (GCFE) or similar certifications (EnCE), AccessData Certified Examiner (ACE) etc.
- Knowledge of programming with one or more of the following languages: Perl, Python, Ruby, PHP, ASP, SQL, HTML.
- Experience of the PCI DSS.
Additional desirable skills (not essential):
An understanding of one or more of the following areas will be of benefit but not essential: digital forensics, computer security, application pen testing, programming, Incident Response, PCI-DSS PFI.
- Any experience of infrastructure penetration testing or web application or penetration testing or host based audits, configuration / code / architecture reviews
- Malware analysis and reverse engineering
- Mobile device and mobile phone forensics and security
Enthusiastic self-starter who is flexible, proactive and able to work efficiently as part of a team, able to demonstrate:
- Flexibility;
- 'Can do' attitude;
- Willingness to learn and progress;
- Problem Solving;
- Excellent communication skills.
About the Role
Experienced in Cyber Security / Incident Response. The successful candidate will have experience of working across a range of projects in the support and identification of cyber incidents. You will be able to provide effective methods of mitigation and assist clients to return to business as usual asap; whilst highlighting the causes and the potential impact upon the company infrastructure of the incident.
Daily tasking may include:
- Responding to or advising on a variety of cyber security incidents;
- The analysis and detection of incidents;
- Implementation of containment strategies and remediation plans;
- The production of technical reports outlining the circumstances of the incident;
- Provision of incident feedback to client, along with recommendations to minimise the likelihood of future recurrence;
- Maintain communications with client side IT and security staff ensuring swift and appropriate action is possible;
- Assist clients in methods to bolster their current security to prevent future incidents.
Brimstone Consulting acts as an employment agency (permanent) and as an employment business (temporary) - a free and confidential service to candidates. Brimstone Consulting is an equal opportunities employer. Due to time constraints we can only reply to applicants that match our clients’ specifications.
Our Data Protection number: ZA053843