Incident Response Specialist
| Date advertised: | 28 April 2025 |
|---|---|
| Hours: | Full time |
| Closing date: | 28 May 2025 |
| Location: | Leicester, Leicestershire |
| Remote working: | Fully remote |
| Company: | Virgule International Limited |
| Job type: | Contract |
| Job reference: | Vrg_2425_061 |

Summary
Reference: Vrg_2425_061
Job title: Incident Response Specialist
We are looking for a skilled Incident Response Specialist for a future role to join our cybersecurity team. The role involves conducting forensic investigations with tools like EnCase, FTK, and Autopsy, analyzing network traffic with Wireshark and Zeek, and utilizing endpoint protection platforms such as CrowdStrike Falcon and SentinelOne. The ideal candidate will have strong experience in incident response, threat analysis, and forensic investigations, with proficiency in various security tools and platforms.
Key Responsibilities:
Incident Detection & Response: Manage and respond to security incidents using SIEM tools (Splunk, IBM QRadar, LogRhythm) and SOAR platforms (TheHive, Palo Alto Cortex XSOAR, IBM Resilient).
Threat Analysis: Conduct deep analysis of incidents using tools like EnCase, FTK, Autopsy, Magnet AXIOM, and Wireshark.
Security Forensics: Perform forensic analysis of systems and networks using tools like Ghidra, IDA Pro, OllyDbg, and Radare2.
Network Monitoring: Utilize network performance monitoring tools such as SolarWinds, Zeek (formerly Bro), and Snort to detect network anomalies.
Malware Analysis: Analyze suspicious files and malware using platforms like Cuckoo Sandbox, VirusTotal, Hybrid Analysis, and Any.Run.
Incident Documentation & Reporting: Document incidents, perform root cause analysis, and develop detailed incident reports for management and stakeholders.
Collaboration: Work closely with security teams to develop incident response plans and improve overall security posture.
Security Tools Management: Utilize tools such as CrowdStrike Falcon, Carbon Black, and SentinelOne for endpoint detection and response, and other network security tools like Cisco Firepower and Suricata.
Required Skills & Qualifications:
Hands-on experience with incident response tools such as TheHive, Siemplify, Palo Alto Cortex XSOAR, IBM Resilient.
Proficiency with forensic tools like EnCase, FTK, Autopsy, and Magnet AXIOM.
Strong understanding of SIEM solutions (Splunk, IBM QRadar, ArcSight, LogRhythm) and network monitoring tools (Wireshark, Tcpdump, Zeek).
Knowledge of malware analysis using Cuckoo Sandbox, VirusTotal, and Hybrid Analysis.
Experience with endpoint protection tools (CrowdStrike Falcon, Carbon Black, SentinelOne).
Solid understanding of incident response processes, including detection, investigation, and remediation.
Knowledge of network security and threat intelligence tools (Snort, Suricata, Cisco Firepower).
Proficiency with security automation platforms (IBM Resilient, Palo Alto Cortex XSOAR).
Strong forensic skills with experience in data recovery tools (R-Studio, Recuva, Disk Drill) and analysis (Ghidra, IDA Pro).
Ability to work in high-pressure environments and manage multiple incidents simultaneously.