We are looking for Cyber Security Advanced Investigation Senior Experts for our international client.
The Cyber Security Advanced Investigation Senior Expert performs incident handling tasks as well as forensics and malware analysis, and provides advanced investigation and deep analysis skills to the Cyber Security Incident Response and Advanced Investigation team.
The Cyber Security Advanced Investigation Senior Expert also works closely with other internal teams to provide oversight of emergency response to information security incidents, in order to quickly identify, respond to, and mitigate the risk from information security incidents that impact the firm.
- The identification, management, and mitigation of security events as detected by monitoring, internal and external intelligence, vulnerability assessment and internal problem management tools and procedures
- Acts as part of a team in relation to identified events for the relevant technical support groups, businesses at risk and Service Recovery teams both internally and externally
- Cyber Security Incident Response
- Identify cybersecurity threats and perform analysis of reported anomalies on MOL Group's networks and systems. Mitigate and contain identified threats using approved methodologies when detected. Define and execute incident response processes.
- Responsible for all aspects of the Incident Investigation and Response process including notification, escalation, response and post incident review.
- Maintain and execute process for managing escalations and notification to key stakeholders and senior management during cyber security incidents.
- Deliver recommendations and actions to improve the detection, escalation, containment and resolution of cyber security incidents.
- Provision of out of hours support and investigation as and when required.
- Malware Analysis
- Triage and analyze malware to discover capabilities of the malicious code.
- Perform advanced reverse engineering tasks including static and dynamic techniques.
- Perform analysis of identified C2 communication channels and methods.
- Develop custom tools/scripts when needed.
- Provide detailed outline & report of analysis findings.
- Forensics Analysis
- Determine the extent of compromise during cyber security incidents.
- Perform data acquisition of most hard drives and data recovery.
- Perform advanced network, host, files, registry, memory & log analysis.
- Maintain current knowledge of tools and best practices in forensics.
- Coordinate with internal/external groups to share actionable intelligence gathered over the course of the investigation.
- Develop, document and manage containment strategy
Skills we are looking for
- University / college degree in Computer Science, Engineering or related field
- Proven record of deep reverse engineering skills
- Understanding of networking protocols and infrastructure designs including routing, firewall functionality, host and network intrusion detection/prevention systems, encryption, load balancing, and other network protocols.
- Demonstrable ability to take ownership of incidents through to resolution
- Understand potential business impact of a cyber incident.
- Thorough understanding of security principles, practices and standards and how they translate into real world process solutions
- Has an understanding of emerging security technologies.
- Ability to convey security concepts related to cybersecurity events to both technical and non-technical audiences
- 5+ years' experience in Security/Cyber Defence
- 8+ years' experience in IT
- Proven track record of working in Global IT services (Global IT security services preferable)
- Broad Information Security knowledge