Cyber Incident Responder – CYFOR Secure Division
Salary – £40,000 to £60,000 depending on experience.
The CYFOR Group is a leading nationwide provider of Digital Forensics, eDiscovery and Cyber Security, providing services mostly to law firms, corporate organisations and insurance companies.
Here at CYFOR, we look for passionate and high-performing people who can make a real difference and thrive on technology and thinking outside the box.
Our employees make CYFOR truly great, and as they grow, so do we.
So if you’d like a varied and highly fulfilling role, working with great colleagues in a fantastic atmosphere, we’d like to hear from you.
Due to our continued growth, CYFOR Secure is looking for an experienced Cyber Incident Responder.
The ideal candidate will have at least 3-5 years of experience responding to and investigating a range of cyber incidents and hold a relevant degree, or be able to demonstrate degree-level knowledge, in the field of cyber security. You’ll have a deep technical knowledge of incident response, digital forensics, M365, cloud environments and investigations processes, along with excellent client-facing skills and a can-do attitude. You’ll also be able to demonstrate flexibility, commitment and integrity.
In return, you’ll receive a salary commensurate with experience, plus training, overtime and excellent career prospects.
This is a unique opportunity to join a highly successful business that truly focuses on its main asset, its team members.
- Perform emergency incident response for customers, including containment to prevent further compromise and gathering relevant forensic evidence.
- Investigate forensic evidence from compromised devices and networks to determine the root cause of incidents and understand the actions taken by threat actors.
- Acquire and investigate server logs, firewall logs, intrusion detection system alerts, traffic logs and host system logs (particularly Office 365) to determine what data has been impacted during a cyber incident using open-source tools and industry standard forensics software.
- Conduct forensic acquisitions of disks, memory, servers, and other relevant devices.
- Analyse malware as part of incident investigations.
- Perform proactive security audits for customers, including O365 audits and vulnerability scans.
- Evaluate and progress customers’ own incident response capabilities through advisory and consultative projects.
- Deliver high-quality technical investigation and forensic reports to clients.
- Distribute written and oral customer communications through presentations and reports.
- Develop and maintain a relationship with our commercial team, providing quotations and scoping out works.
Skills and Experience
- Educated to degree level or with equivalent work-related experience.
- Experience collecting forensic evidence from compromised systems.
- Experience investigating cyber incidents to understand and prove malicious activity.
- Proven understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
- Strong understanding of enterprise grade technical security controls and defence in depth practices.
- Comprehensive knowledge of incident handling, threat hunting and threat intelligence.
- Ability to correlate events from various sources to create incident timelines.
- Experience in cloud-based infrastructure including Microsoft Azure and Office 365, Amazon AWS, and Google Cloud.
- Excellent client facing skills. Able to communicate at all levels, adapting the style of communication to meet the needs of the audience.
- An excellent attitude and the willingness to learn and study for certifications.
- Solid understanding and experience of dealing with network architecture, web applications and associated devices.
- Ability to effectively plan and coordinate projects.
- Excellent written and verbal communication skills.
- Demonstrate a high level of accuracy and attention to detail.
- Demonstrate a flexible approach to work and a high level of self-motivation.
- Ability to exercise discretion and confidentiality.
- Previous exposure to enterprise scale infrastructure and technology stacks.
- SANS, CREST or other information security accreditations.
- Experience deploying and monitoring endpoint protection (e.g. SentinelOne) across a variety of systems.
- Company statutory pension scheme.
- Extra days holiday for your birthday.
- A birthday gift, rising in value each year.
- Bupa Cashplan (or equivalent).
- Life Insurance (Death in Service).
- Annual Media Subscriptions (from a choice of Netflix HD, Amazon Prime, Spotify, Magazine sub, etc).
- An annual work anniversary gift, rising in value each year.
- Loyalty bonuses. 3 years – £300 bonus. 5 – £500 bonus. 10 years – £1,000 bonus.
- Multiple social events throughout the year, including the CYFOR Family Day.
- Month-end lunch and lots more.
This role will require security clearance to SC level; please advise if you are a holder. Otherwise, we will need to carry out vetting.
Apply for this job by completing the form and uploading your CV.