Join a dedicated team committed to assisting organisations in containing, neutralising, and eradicating cybersecurity threats. With our expertise, we ensure that organisations are well-prepared to handle incidents and conduct thorough post-mortem investigations. We handle a diverse range of incident response engagements, averaging around 70 per year, including forensic investigations and analysis of human-operated ransomware breaches.
As a Senior Incident Handler, you will play a crucial role in assisting organisations with their security incidents. Your responsibilities will involve conducting host forensics and performing comprehensive log analysis to support incident response engagements. Additionally, you will work towards enhancing our client's incident response preparedness.
Leveraging your extensive experience in incident response, you will develop innovative detection use cases by applying your knowledge of tactics, techniques, and procedures (TTPs). Regular validation of these use cases through purple team engagements will ensure their relevance and effectiveness.
You will also contribute a portion of your time to the development and maintenance of our in-house CSIRT tools and applications, furthering our capabilities in incident response.
Highly collaborative environment, you will have the opportunity to participate in regular training sessions, workshops, and knowledge-sharing activities with clients and colleagues. Moreover, you will have the chance to showcase your work and expertise at prestigious security conventions.
* Prior experience in the field of Cybersecurity - Red/Purple/Blue
* Strong understanding of network protocols (HTTP2/Quic, DoT/DoH, etc.)
* Proficiency in Windows and Linux operating systems.
* Analytical thinking, problem-solving skills, and a passion for parsing and analysing complex logs are essential.
* Familiarity with tools such as Volatility, Log2Timeline, Misp, IntelMQ, Wireshark, Tshark, and Snort is expected, along with experience in debugging Python.
* Understanding the promises and limitations of threat intelligence and the ability to work calmly under pressure and deal with individuals under stress are additional key attributes we seek.