Job description / Role
Cybersecurity Incident Responder is responsible for handling cybersecurity incidents. This includes detecting, analyzing, triaging, and containing an incident from being spread within the organization. It also includes recovery from an incident as well as threat assessment.
• Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
• Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
• Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
• Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
• Track and document cyber defence incidents from initial detection through final resolution.
• Collect intrusion artefacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defence incidents within the enterprise.
• At least 5-7 years of in-depth experience in incident response and/or ethical hacking
• Degree in computer, network or Information Security related fields.
• Two or more of the following certification preferred:
- Certified Ethical Hacker (CEH)
- Certified Information Systems Security Professional (CISSP)
• Computer networking concepts and protocols, and network security methodologies.
• Risk management processes (e.g., methods for assessing and mitigating risk).
• Incident response and handling methodologies.
• Intrusion detection methodologies and techniques for detecting host and network-based intrusions.
• Network traffic analysis methods and packet-level analysis.
• System administration, network, and operating system hardening techniques.
• Cyberattack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
• Malware analysis concepts and methodologies.
• System and Application Security threats and vulnerabilities such as OWASP.
• Identifying, capturing, containing, and reporting malware.
• Recognizing and categorizing types of vulnerabilities and associated attacks.
• Using security event correlation tools.
• Scripting in one of the following languages: Python, Bash, PowerShell, Perl.
• Ability to work with the team.
• Customer service skills.
• Ability to prioritize tasks.
• Organization skills.
• Good communication skills.
• Ability to work effectively in a dynamic, deadline-driven, complex, team-based environment with conflicting and competing priorities.
• Ability to investigate, define and resolve complex problems.
About the Company
Emerald Technology is a global talent acquisition company specialising in providing technology start-ups and global enterprises with exceptional human capital and infrastructure.
We identify and select the best talent for global technology vendors & provide start-ups with an end-to-end infrastructure service to ensure exponential growth.
We are a truly global company with offices all over the world and can facilitate the international needs of your business whether you’re currently situated in - or expanding into - EMEA, APAC, North America or LATAM.