Job provided by Evolution Recruitment
About the job
Cyber Incident Response Analyst - Bristol

We're urgently seeking a Cyber Incident Response Analyst with a background in host forensics and malware analysis to join our Cyber Incident Response Team (CIRT). Our team supplies specialist cyber security services to a variety of clients across construction, government, defence and aerospace. The CIRT sits within our Security Operations Centre (SOC) and is pivotal in providing comprehensive technical investigations of incidents escalated from the SOC. It is also accountable for overseeing and preparing for cyber security incidents on client sites and consulting with clients on services.
In this position you will investigate alerts from security appliances for our clients. This will involve researching better and more efficient ways to detect, analyse and respond to emerging threats based on cyber threat intelligence, and maintaining our core capabilities and services. You will be responsible for liaising and providing the best course of action to take on confirmed or suspected cyber security incidents, either remotely or on client site.
We will also provide you with an opportunity to engage in consulting with clients, which may allow you to go on to client sites to train in cyber response, handle investigations or support our cyber consulting team as a technical expert.
This role would suit a strong incident responder, malware analyst or digital forensics investigator with a background in enterprise-scale investigations, threat hunting or malware analysis.
Required skills:
- Strong background in Cyber Security Incident Response
- Knowledge of Windows Operating Systems
- Extensive understanding of malware
- Strong knowledge of host-based investigations including digital forensics
- Basic knowledge of common networking and routing protocols (e.g. TCP/IP), services (e.g. TLS, DNS, SMTP)
- Some understanding of packet-level analysis, firewall and hypervisor administration, network appliance log analysis and management of network intrusion detection and prevention
To hear more about this opportunity please contact Robyn Clarke @ Evolution Recruitment Solutions.