Incident Response Manager - London, United Kingdom - NonStop Consulting Ltd
Description
Responsibilities
- Manage and coordinate cyber security incidents for clients, working closely with the team lead.
- Digital forensics of relevant incident data (disk, volatile memory, network packets, log files).
- Provide an up-to-date view of the cyber threat, advise clients on relevant threats and improve their incident response capabilities.
- Develop in-house cyber response tools.
- Assess incident response capability maturity.
- Project management of engagements to deliver high quality work
- Engagement and risk management
Qualifications
- Excellent communication skills (both written and oral) and project management skills.
- Strong IT and network skills, with knowledge of common enterprise technologies (Windows and Windows Active Directory, Linux, Cisco, etc.).
- Working programming skillset to be able to author and develop tools written in Python, but we accept other languages.
- Technical proficiency in at least one of these areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; Linux/Unix disk forensics (ext2/3/4, HFS+, and/or APFS file systems); advanced memory forensics; static and dynamic malware analysis / reverse engineering; advanced mobile device forensics
- Advanced experience in industry computer forensic tools such as X-Ways, EnCase, FTK, Internet Evidence Finder (IEF) / AXIOM, TZWorks, and/or Cellebrite
- Advanced experience in preservation of digital evidence (including experience preserving cloud data and handling encryption such as BitLocker, FileVault, and/or LUKS)
- Experience with and understanding of enterprise Windows security controls
- (preferred) Incident management certifications such as:
- CREST certified incident manager (CCIM)
- GIAC Certified Incident Handler (GCIH)
- CREST certified registered intrusion analyst (CRIA)
- CREST certified network intrusion analyst (CCNIA)
- CREST certified host intrusion analyst (CCHIA)
- CREST certified malware reverse engineer (CCMRE)
- GIAC Certified (Network) Forensic Analyst (GCFA, GNFA)
This position is well suited for an individual with 3 to 5 years of experience in cyber-security and incident response.
For example, a very common type of incident is ransomware on a single workstation/laptop. You should be able to guide a client through a structured incident response process: triage, containment, eradication and recovery.
If you are provided with forensic data such as a disk image, memory image and network data capture or proxy logs, you should be able to identify malware artefacts and the source of infection, and use online research to identify the malware family.
If this role is not quite right for you but you would like to have a conversation about other roles, please search and connect with me, Cody Murphy, on LinkedIn.