You will be working for a global, organisation based in London that are looking to expand their Cyber Security Incident Response Team (CSIRT) within their developed investigatory function.
At the higher end of the salary banding you'd be expected to lead the response process, investigating threats and remediating damage caused using your forensic skills, bringing in other members of their expansive team as/when required in addition to supporting cyber functions.
The cyber-attacks the business regularly faces can range from low-level trojans, phishing attacks and ransomware all the way up to sophisticated and targeted APT-style attacks involving nation-state actors so for this reason a technical appreciation of network and network security infrastructure in addition to threat intelligence would be highly beneficial. At the lower end, some experience in an incident response role would be a minimum requirement but this should be supplemented by some hands-on forensics knowledge (e.g. memory forensics, malware analysis, PCAP analysis).
You will also need to build relationships with stakeholders both within the business and external public sector bodies, working with their Cyber Security specialists to create a symbiotic and collaborative environment for the alleviation of adversarial intrusions. There would also be a more strategic element to the role where you would have autonomy over bringing in tools, services and resources as/when required. There is no man-management in this role of any kind.
Skills I'll be looking out for are: Cyber Incident Response (CSIRT/CERT), Network Forensics, Windows Forensics, Mobile Device Forensics, Threat Hunting, Threat Intelligence (Consumption & Production), Malware Analysis (Static, Dynamic & Reverse Engineering) inclusive of reverse engineering in addition to general client-facing/soft-skill abilities. You don't need to have all of these but at a minimum, some Incident Response and Forensics experience would be a baseline requirement. They're pretty tool agnostic so if you specialise in one they do use, then great but if not they're more than happy to train you up to fill gaps in solution knowledge.
If you feel this role would be of interest to you, please do not hesitate to apply or reach out to me on LinkedIn (Samuel S. Berti, Computer Futures).
To find out more about Computer Futures please visit www.computerfutures.com
Computer Futures, a trading division of SThree Partnership LLP is acting as an Employment Agency in relation to this vacancy | Registered office | 1st Floor, 75 King William Street, London, EC4N 7BE, United Kingdom | Partnership Number | OC387148 England and Wales