Cyber Security Incident Responder


Details of the offer

About the role: We are looking for an Incident Responder to join our growing Cyber Security team, with a passion for customer-focused, holistic security outcomes that bridge the gap between cybersecurity and business outcomes. This role is suited to those with 3+ years in a similar role. In this role you will be responsible for responding to cyber incidents, performing forensic investigations and threat hunting for both Interactive's internal environment and managed cybersecurity customers.

Your key responsibilities include:

Responding to security incidents: Contain, eradicate and recover systems with infections, ranging from phishing to complex malware/APT campaigns
Develop and use Digital Forensic Investigation Tools (DFIT), Endpoint Detection and Response (EDR) and sandboxes to analyze and eradicate malicious programs and behaviors
Acquire, analyze and preserve digital evidence from a variety of workstation, server, and mobile platforms
Generate high-quality forensic examination reports to communicate findings clearly and concisely to technical and non-technical business unit managers
Develop security incident playbooks, cyber incident response tools, techniques and procedures
Identify indicators of compromise and work with our security operations centre to improve our detection capability

To be successful in this role, you will have:

Experience investigating security incidents
Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
Understanding of offensive security methodologies and tools including Kali Linux, Metasploit, Nmap, Burp Suite
Knowledge of Malware Triage, Reverse Engineering, and YARA tools and rulesets
Expert understanding of computer/network forensics tools (e.g. EnCase, FTK)
Experience in SIEM platforms and attack detection tools. IBM QRadar experience preferred
Understanding of infrastructure-level technologies (Firewalls, Networks, Windows Server, Linux, VMware, Azure, AWS)

In addition, the following experience is not essential, but nice to have:

Experience with cybersecurity tools including Qualys, Carbon Black, Fortinet, ForcePoint DLP, Mimecast
Understanding of scripting languages (PowerShell, Python)
Understanding of security control frameworks including ISO 27001, NIST 800-53, Australian Signals Directorate Top 35, PCI-DSS and risk management frameworks

Source: Jobsjobsjobs
