Incident Response Manager - London, United Kingdom - NonStop Consulting Ltd
Description
Responsibilities
- Manage and coordinate cyber security incidents for clients, working closely with the team lead.
- Digital forensics of relevant incident data (disk, volatile memory, network packets, log files).
- Provide an up-to-date view of the cyber threat, advise clients on relevant threats, and improve incident response capabilities.
- Develop in-house cyber response tools.
- Assess incident response capability maturity.
- Project management of engagements to deliver high quality work
- Engagement and risk management
Qualifications
- Excellent communication skills (both written and oral) and project management skills.
- Strong IT and network skills, and knowledge of common enterprise technologies (Windows and Windows Active Directory, Linux, Cisco, etc.).
- Working programming skillset to be able to author and develop tools written in Python, but we accept other languages.
- Technical proficiency in at least one of these areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; Linux/Unix disk forensics (ext2/3/4, HFS+, and/or APFS file systems); advanced memory forensics; static and dynamic malware analysis / reverse engineering; advanced mobile device forensics.
- Advanced experience in industry computer forensic tools such as X-Ways, EnCase, FTK, Internet Evidence Finder (IEF) / AXIOM, TZWorks, and/or Cellebrite
- Advanced experience in preservation of digital evidence (including experience preserving cloud data and handling encryption such as BitLocker, FileVault, and/or LUKS)
- Experience with and understanding of enterprise Windows security controls
- (preferred) Incident management certifications such as:
  - CREST certified incident manager (CCIM)
  - GIAC Certified Incident Handler (GCIH)
  - CREST certified registered intrusion analyst (CRIA)
  - CREST certified network intrusion analyst (CCNIA)
  - CREST certified host intrusion analyst (CCHIA)
  - CREST certified malware reverse engineer (CCMRE)
  - GIAC Certified (Network) Forensic Analyst (GCFA, GNFA)
This position is well suited for an individual with 3 to 5 years of experience in cyber-security and incident response.
For example, a very common type of incident is ransomware on a single workstation/laptop. You should be able to guide a client through a structured incident response process: triage, containment, eradication and recovery.
If you are provided with forensic data such as a disk image, memory image and network data capture or proxy logs, you should be able to identify malware artefacts and the source of infection, and use online research to identify the malware family.
If this role is not quite right for you but you would like to have a conversation about other roles, please search and connect with me, Cody Murphy, on LinkedIn.