Description
Role Summary
As an Incident Responder you are expected to investigate computer-related crimes and cyber security incidents within an organization. You are expected to validate incidents, identify the root cause, and contain and eradicate the incidents and their traces.
You are expected to be proficient in a wide range of computer investigation and forensic tools.
You are an Engineering graduate with 4+ years of experience in performing incident detection, response, remediation and forensics. You possess a SANS GCIH, GCFA or Advanced Incident Responder certification.
Job Duties List
The main responsibility of the Incident Responder is to assess logs, search for correlated events to build a time-series chart, identify the root cause, and use computer forensic tools to examine and analyze electronic media in suspected computer hacking, insider threat or malware incidents.
Duties include:
- Provide a rapid initial response to any IT security threats, incidents or cyber-attacks on your organization
- Provide support in the detection, response, mitigation and reporting of cyber threats affecting organizational networks
- Maintain an understanding of current vulnerabilities and of the response and mitigation strategies used in cyber security operations
- Analyze and report cyber threats, and assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions
- Additional duties may include providing intrusion support to high-technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery and network assessments
- Monitor traffic for any unusual activity or unauthorized access attempts to identify indicators of compromise in the network and signs of intrusion
- May need to analyze malware, threat advisories, vendor security bulletins, threat intelligence information etc. to validate actionable findings
Requirements
- Engineering graduate with 4+ years of incident response and forensics experience.
- Practical experience using computer operating systems such as MS Windows, UNIX and Linux
- Detailed analytical capabilities to identify:
  - Defense evasion techniques - malware defense evasion and detection
  - Core Windows processes and how they normally behave
  - Persistence - malware persistence detection and analysis
  - Malicious WMI event consumers (finding and analyzing them)
- A problem-solving mind-set
- Ability to work as part of a team; you need to be a good team player
- The ability to react quickly and efficiently under pressure
- Good communication skills, as you will be reporting regularly to management and other stakeholders
- Knowledge and understanding of network protocols, network devices, multiple operating systems and secure architectures
- A technical incident response certification such as GCIH, GCIA or GNFA