Cyber Incident Responder - Manchester, United Kingdom - CYFOR

CYFOR
Manchester, United Kingdom

2 weeks ago

Posted by: Tom O´Connor, beBee Recruiter


Description

CYFOR is a leading nationwide provider of cyber security services, digital forensics and eDiscovery. Providing services to all business sectors, including law firms, insurance providers and law enforcement agencies, CYFOR are looking for talented cyber security professionals to lead the growth of our cyber security services.

Here at CYFOR we look for people who can make a real difference, passionate and high performing people who thrive on technology and thinking outside the box.

Our employees are what makes CYFOR truly great, and as they grow so do we.

So if you'd like a varied and highly fulfilling role, working with great colleagues in a fantastic atmosphere, we'd like to hear from you.

The Role
In return, you'll receive a salary commensurate with experience; plus training, overtime and excellent career prospects. You'll enjoy a varied and highly fulfilling role, working with great colleagues in a fantastic atmosphere.


This is a unique opportunity to join a highly successful business that truly focuses on its main asset, its team members.


Security Clearance
Please note that this role will require NPPV3 clearance in addition to National security clearance to SC level. Applicants MUST have been continuously resident in the United Kingdom for the last 5 years. If you do not hold an active SC clearance, please familiarise yourself with the vetting process before applying.


Main responsibilities:


  • Perform emergency incident response for customers, including containment (credential resets, network quarantine and EDR rollouts) to prevent further compromise, and gathering of relevant forensic evidence.
  • Investigate forensic evidence from compromised devices and networks to determine the root cause of incidents and understand the actions taken by threat actors.
  • Acquire and investigate server logs, firewall logs, intrusion detection system alerts, traffic logs and host system logs, using open-source tools and industry-standard forensics software, to determine what data has been impacted during a cyber incident.
  • Conduct forensic acquisitions from relevant servers and workstations.
  • Analyse malware to understand and communicate its impact on systems and data.
  • Deliver high-quality technical investigation and forensic reports to clients.
  • Deliver regular, high-quality updates to clients throughout an investigation.
You will also be required to travel at short notice for Cyber Incident response.


Skills and Experience

  • Experience collecting forensic evidence from compromised systems.
  • Experience investigating cyber incidents to understand malicious activity.
  • Proven understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
  • Comprehensive knowledge of incident handling, threat hunting and threat intelligence.
  • Ability to correlate events from various sources to create incident timelines.
  • Experience in cloud-based infrastructure including Microsoft Azure and Office 365, Amazon AWS, and Google Cloud.
  • Excellent client facing skills, with the ability to communicate at all levels, adapting the style of communication to meet the needs of the audience.
  • An excellent attitude and the willingness to learn and study for certifications.
  • Ability to effectively plan and coordinate projects.
  • Excellent written and verbal communication skills.
  • An investigative mindset with a high level of attention to detail.
  • Demonstrate a flexible approach to work and a high level of self-motivation.
  • Ability to exercise discretion and confidentiality.

Desirable Skills

  • Previous exposure to enterprise scale infrastructure and technology stacks.
  • Appropriate incident response certifications (e.g., CREST Intrusion Analyst or Incident Manager).
  • Experience deploying and monitoring endpoint protection (e.g. SentinelOne) across a variety of systems during incident response.

Benefits

  • Flexible working
  • Company pension scheme (3% employer contribution)
  • 24 Days annual Holiday plus Bank holidays
  • Extra days holiday for your birthday
  • Annual holiday loyalty bonus (increasing to 30 days after 3 years)
  • MediCash Cashplan
  • Life Assurance (Death in Service)
  • Annual Media Subscriptions (from a choice of Netflix HD, Amazon Prime, etc)

Salary to £40k

Salary:
£30,000.00-£40,000.00 per year


Benefits:


  • Additional leave
  • Casual dress
  • Company events
  • Company pension
  • Cycle to work scheme
  • Discounted or free food
  • Free flu jabs
  • Free parking
  • Life insurance
  • Onsite parking
  • Work from home

Work Location:
Hybrid remote in Manchester, M24 1SW
