Staff Incident Responder

GE Aviation
Closing date
19 Apr 2021

Clearance Level
SC, None / Undisclosed

Job Details

Job Description Summary

In this role you will be responsible for hunting, detecting and responding to digital security threats. You will demonstrate technical leadership abilities and a strong understanding of malware, emerging threats and risk assessment. You will be the escalation point for all investigations within the UK environment. As part of the team you will be responsible for the day-to-day operations of the incident response and forensic response capabilities.

Job Description

Essential Responsibilities

In this role, you will be the escalation point for all investigations within the UK environment. As part of this you will:
  • Triage events and alerts within the SIEM environment
  • Use a hypothesis-driven approach and behavioural analysis to uncover connections and correlations between potential cyber threats
  • Where required perform host and/or network forensics during investigations to identify patterns and behaviours related to threat actors or other malicious activity
  • Perform threat hunts to uncover previously undetected attacks
  • Work with the business to enhance the cyber security posture
  • Curate signatures, tune systems/tools, develop scripts and correlation rules
  • Mentor and train incident responders and incident response specialists

Qualifications/ Requirements
  • Bachelor's Degree in Computer Science or "STEM" Majors (Science, Technology, Engineering and Math) with advanced experience.

  • Must currently hold or be eligible to apply for UK SC clearance

Desired Characteristics
  • Detailed understanding of CND-based analytical models (Kill Chain, ATT&CK, Pyramid of Pain, etc.)
  • Detailed understanding of APT, Cyber Crime and other associated tactics
  • Practical experience in host forensics and network analysis techniques and tools
  • Practical experience with malware and reverse engineering
  • Practical experience responding to threats in cloud platforms (AWS, Azure, Google, etc.)
  • Practical experience writing behavioural and static detections
  • Expertise in at least two areas of discipline (Host, Network, Email, Cloud, Identity, Application, Malware)
  • Excellent verbal and written communication skills
  • Excellent organizational and analytical skills
  • Detail oriented with the ability to multi-task and prioritize efforts
  • CISSP, CISM or related Industry certification required
  • SANS or other industry-related technical certifications in Incident Response and Forensic Analysis required
  • Ability to collaborate in a team environment
  • Practical experience with the following cyber skills: Networking (TCP/IP, UDP, Routing); Applications (HTTP, SMTP, DNS, FTP, SSH, etc.); Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.); System/Application vulnerabilities and exploitation; Operating systems (Windows, *Nix and Mac), Cloud technology (SaaS, IaaS, PaaS), and malware or behaviours exploiting these systems

Additional Information

Relocation Assistance Provided: No
