*We are unable to sponsor for this permanent full-time role.*
Prestigious Enterprise Firm is currently seeking a Senior Incident Response Threat Engineer with strong Splunk experience. The candidate is responsible for all aspects of security threat management. This hands-on technical role shares responsibilities across the team for conducting cyber threat intelligence, executing threat hunts, participating in and leading incident response efforts, performing digital forensics, and implementing threat protection across the enterprise. The candidate will be responsible for building, maintaining, and improving the engine that powers large-scale security threat management capabilities to protect against, detect, and respond to emerging threats and sophisticated attacks on enterprise networks. The person in this role reviews and analyzes large and highly complex data sets and information to produce content, conclusions, and actionable recommendations that mitigate risk and stop attackers cold.
The candidate should have an applied, in-depth understanding of malware and of attacker tactics, techniques, and procedures, along with experience defending organizations from these threats. In addition to a breadth of technical experience, the candidate should have leadership and customer communication skills.
Responsibilities:
- Design, build, run, and own the infrastructure and automation used to detect, contain, and eradicate security threats.
- Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques.
- Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks, and extract IOCs (Indicators of Compromise) and TTPs (Tactics, Techniques, and Procedures).
- Collect, analyze, assess, and disseminate information about cyber threats and potential attacks.
- Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activity that has evaded detection by existing tools.
- Lead the Computer Incident Response Team (CIRT) in responding to active and time-sensitive threats, including communications and coordination across different teams.
- Work closely with other members of the Information Security team to drive changes in the company's defense posture.
Qualifications:
- BS/MS in Computer Science or equivalent work experience.
- 7+ years of experience in information security.
- A holistic view of threat, vulnerability, and risk, and of how the three relate.
- Deep understanding of the internals and constructs of at least two major modern operating systems.
- Relevant security certifications (OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA).
- Applied experience with application and business logic embedded in enterprise systems.
- Knowledge of open security testing standards and projects, including OWASP.
- Proficiency with at least one interpreted programming language (Python, Ruby, etc.).
- Advanced knowledge of TCP/IP networking and of network services such as DNS, SMTP, DHCP, etc.
- In-depth understanding of authentication protocols, applied cryptography, key management, PKI, and SSL/TLS.
- Experience using phishing and other social engineering tactics.
- Experience using multiple command and control channels, including DNS and HTTPS.