Consultant - Incident Response CPX

OverviewJob Description. As a consultant – Incident Response, you live and breathe blue team operations. Your technical expertise in endpoint and network threat detection and defence is complemented by your integrity and passion for cyber security and technology. You work well in a team of highly motivated and skilled blue teamers, but you can also achieve your work independently in different engagements and scenarios. You enjoy taking on new challenges in a fast‑paced and dynamic working environment. You are a team player who is always willing to help where required, with a humble and positive attitude.ResponsibilitiesAt least 1‑3 years of experience in the following activitiesServe as technical expert on active incident response engagements across different IR Retainer customersAchieve tasks independently within the team before initial 6 monthsExecute threat hunting activities in support of incident response and proactive environment assessmentsCarry out host‑based assessments using EDR tools and network assessments utilising full packet data to determine the extent and scope of possible compromisePerform host and/or network‑based forensics across Windows, Mac, and Linux platforms.Execute digital forensic investigations supporting cyber incident response engagementsContribute to process documentation and continuous service improvement activitiesFlexible schedule that is open to changing situations and opportunitiesLearn to produce detailed reports and technical briefsExplain technical findings in a manner that can be easily understood by technical and non‑technical staffYou must be a team player, with a humble and approachable nature who is willing to go the extra mile.Technical SkillsStrong understanding of blue team operations and threat huntingSound understanding of network protocols, TCP/IP etc.Sound understanding of Microsoft WindowsSound understanding of Linux and/or OSX is a plusAbility to learn forensic skills across multiple operating systemsBasic understanding of network analysis tools like Bro/Zeek, Rita or SuricataAbility to perform analysis of system and network devices logsBasic understanding of the capabilities of static and dynamic malware analysisSound understanding of enterprise systems, technologies, and infrastructureStrong understanding of current threats, vulnerabilities, and attack trendsSound understanding of ATT&CK frameworkGood organisational skills, ability to prioritise, and ability to learn to work independently before the end of the trial periodAbility to learn quickly and apply the learnings into the job on a day‑to‑day basisQualificationsGood attention to detail and reporting accuracyEnglish language skills, both spoken and writtenGIAC Certified in a minimum of one discipline: GNFA, GCIH, GCIA, GCFE, GCFA, GDAT, etc or equivalent (eLearnSecurity .etc)At least previous basic experience working with EDR tools and threat hunting toolsPrevious experience performing network forensics desirableKnowledge about cloud security infrastructure (AWS, Azure, Oracle, others) desirableKnowledge about OT/ICS/SCADA technologies will be a plusBachelor’s degree in Computer Science or Engineering desirable, but not mandatoryJob DetailsRole Level: Entry‑Level | Work Type: Full‑Time | Country: United Arab Emirates | City: Abu Dhabi | Company Website: https://cpx.net/ | Company Industry/Sector: Computer and Network SecurityAbout The CompanySearching, interviewing and hiring are all part of the professional life. The TALENTMATE Portal idea is to fill and help professionals doing one of them by bringing together the requisites under One Roof. Whether you’re hunting for your Next Job Opportunity or Looking for Potential Employers, we’re here to lend you a Helping Hand.Disclaimer: talentmate.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advise against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@talentmate.com.#J-18808-Ljbffr