Incident Responder
External Job Pull
Saudi Arabia,Eastern Province,Jubail
منذ 9 ساعات
source : drjobs.ae

Incident responder : o Cyber Crime Investigation and Digital Artifacts Static & Dynamic Malware Analysisduring IRo acquisition Discovering vulnerabilities and providing witho Maintaining the procedures for Threat Handling, recommendations to avoid thedamage.

o Incident Handling, and Forensics Handling multiple high-profile incidents relatedo Creation and Updating of Security Incident & to spear phishing, web applicationattacks,o Event Management (SIEM) Rules.

  • ransomwareo GAP Analysis for APT Campaigns Monitor external data sources (e.g., Threato Risk Assessment & Mal Behavior identification Intelligent sourceso Mentor the SOC team with latest security trends, Performing and DocumentingIncident Drillso threat detection and analysis technique Detailed Incident forensic investigationreporto Recommending security enhancements and Creating, testing and implementingnetworko purchases disaster recovery planDelivered Work· Incident response reporting· Forensic investigations· Report writing skillsSkills and expertise· Windows and Linux Forensics expertise· Network· Memory forensics· Threat Hunting· Background of Pentesting· VA experience· Incident response skillsIndustry· Telecom· IT· Advances security services· Security Operations experience· Banking sector;
  • Determine the timeline of the intrusion.o Determine the initial method of compromise.o Describe the overall attack methodology.

    o Resolve the incident with proper analysis.o Provide root cause and trend analysis for all incidents.o Receive, document, and report cyber security events and incidentso Categorize incidents and implement corresponding escalation procedureso Communicate and coordinate incident response effortso Analyze reports to understand threat campaign(s) techniques, lateral movements andextract indicators of compromise (IOCs).

    Respond to all cyber security scenarios such as but not limited to : o Service disruption and impact to the customer business (such as systems in a data centergoing offline).

    o Huge and prolonged DDoS against critical assets that impacts the service delivered.o Spreading virus infection impacting internal systems.

    o New discovered Zero Day threats / vulnerabilities that could impact customer’s criticalassets.o Phishing campaign against the customer business.

    Provide support to unlimited number of incidents (no limit on the number of incidents). Comply with incident response service methodology and internal customer processesincluding, but not limited to : o Using best practice Incident response technology.

    o Threat identification.o Incident scoping.o Containment strategy.o Evidence collection and forensic analysis.o Remediation.

    o Reporting. Follow a well-defined process based (as the NIST incident handling guidelines)o Support different types of data and incidents collection mechanisms such as but not limitedto : o Collection of live response data from systems.

    o Collection of network forensic data.o Intelligence collection.o Initial identification of malicious activity as well as indicators of compromise.

    Provide a security simulation services for : o Simulating real world attacks. Periodically assess and advance customer teams.

    Evidence collected during the case is prepared for archival and provided to the customer alongwith the full report, executive presentations, and board presentations.

    Investigation reportsmust provide a comprehensive description and analysis of the incident and provide guidancefor both executive and technical audiences Reporting must include : o Malicious code analysis.

    o Attack timeline and taxonomy.o Indicators of compromise related to the case.o Analysis of identified threats and adversary profiles.

    o Victimology.o Root cause analysis.o Steps taken to contain and eradicate the threat.o Lessons learned.Job DetailsJob Location : Jubail, Saudi Arabia Job Role : Information Technology Company Industry : IT Services Preferred Candidate Career Level : Mid Career

    بلغ عن هذه الوظيفة
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    قدِّم طلب ترشيحك
    بريدي الالكتروني
    بالضغط على "واصل" ، أعطي موافقة neuvoo على معالجة بياناتي وإرسال تنبيهات إلي بالبريد الإلكتروني ، على النحو المفصل في سياسة خصوصية لـneuvoo . يجوز لي سحب موافقتي أو إلغاء الاشتراك في أي وقت.
    واصل
    استمارة الطلب