Accessibility Links

Cyber Threat Incident Response Investigator

  • Salary: Negotiable
  • Job type: Permanent
  • Location: Greater Manchester
  • Sector: Security
  • Date posted: 02/03/2018
  • Job reference: J382615A

Cyber Threat Intelligence - Incident Response Investigator

Experis is working with a market leader in Cybersecurity, looking for an experienced Cyber Threat and IT Security professional to join the Cyber Threat Intelligence team.

Your role will be a comprehensive overview of the incident response investigatory process, and you will have oversight from kick-off through remediation to completion. Moreover, you'll be expected to Build scripts and playbooks to enhance the overall incident investigation process, and research new and emerging attack mechanisms deployed my malicious threat actors

You'll be expected to represent your investigative findings and effectively communicate them to stakeholders. Mentoring, developing and coaching of more junior members of staff in Incident Response will also be part of your responsibilities.

Essential Skills/Experience

  • Knowledge of at least one Incident Response framework, and associated stages (NIST, CREST etc)
  • Experience leading investigations and managing incident analysts
  • 5+ years of advanced security, digital and network forensics experience
  • Ability to conduct host forensics, network, forensics, log analysis, and malware triage in support of incident response investigations
  • Recognise and codify attacker techniques, tactics, and procedures with a view to creating indicators of compromise (IOCs) that can be applied to current and future investigations
  • Knowledge of appropriate Incident Response tools to aid in analysis, recording and reporting
  • Extensive experience in five or more of the following areas (and their associated tools) preferably with a recognised qualification:
    • Windows disk and memory forensics
    • Network Security Monitoring (NSM), network traffic analysis, and log analysis
    • Unix or Linux disk and memory forensics
    • Dynamic malware analysis including knowledge of malware behaviour and techniques employed by attackers to evade existing security controls
    • Reverse Engineering and Static Analysis
    • Applied knowledge in at least one scripting or development language (such as Python)
    • Thorough understanding of enterprise security controls in Active Directory / Windows environments
    • Experience with hands-on penetration testing against Windows, Unix, or web application targets

Desirable Skills

  • Knowledge of full chain of custody procedures for Incident Response, including relevant hardware and software for system imaging
  • Possess one or more of the following certifications: GREM, GCFA, GCFE, CISA or CISSP (Required or desired?)
  • Expert understanding of multiple security technologies, particularly in the threat intelligence and analytics area with relevant and appropriate certifications. GIAC preferable (Required or desired?)
  • Knowledge of application and infrastructure components and how they relate to the Cyber Kill Chain
  • Good understanding of Assembly language

Personal Profile

We are looking for passionate individuals who are committed to their professional development in this industry. My client wants to know your insight into current cybersecurity threats and trends, and will immerse you in the security industry and community as a part of this position.

Are you the person we're looking for?
Interviews are taking place immediately, send a CV ASAP to or to find out more call 01619 243912

Greater Manchester, UK - North West.

Similar jobs
View more similar jobs