CYFOR is a leading nationwide provider of Digital Forensics, eDiscovery and Cyber services to Law firms, Corporate organisations and Law enforcement.
Due to our continued growth, we are looking for an experienced Cyber Incident Response Analyst.
The ideal candidate will have at least a 2.1 in a relevant degree and 4 years’ experience handling a range of cyber incidents. You’ll have deep technical knowledge of incident response, digital forensics and investigation processes, along with excellent client-facing skills and a can-do attitude. You’ll also be able to demonstrate flexibility, commitment and integrity.
In return, you’ll receive a salary commensurate with experience, training, overtime and excellent career prospects. You’ll enjoy a varied and highly fulfilling role, working with great colleagues in a fantastic atmosphere.
This is a unique opportunity to join a highly successful business that truly focuses on its main asset, its team members.
- Emergency incident response – mitigation and remediation.
- Manage and organise initial responder activities, remotely and on customer premises, to contain cyber incidents for customers.
- Calm and collected client incident management.
- Acquire and investigate server logs, firewall logs, intrusion detection system alerts, traffic logs and host system logs.
- Conduct forensic acquisitions of disks, RAM (and other volatile data), mobile telephone and other relevant devices.
- Perform malware analysis.
- Develop the latest incident response tools and techniques, building on open source principles.
- Complete customer incident response capability maturity assessments.
- Progress customers’ own incident response capabilities through advisory and consultative projects.
- Deliver high-quality technical investigations to clients.
- Distribute written and oral customer communications in the form of presentations and reports.
- Develop and maintain a relationship with the commercial team and attend scoping calls when necessary.
- Provide quotations for the commercial team when required.
Skills and Experience
- Educated to degree level or with equivalent work-related experience.
- Proven understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
- Strong understanding of enterprise-grade technical security controls and defence in depth practices.
- Experience in incident handling, threat hunting and threat intelligence.
- Experience of collecting logs from and utilising HIDS, IDS/IPS systems, SIEMs, AD controllers and firewalls.
- Ability to correlate events from various sources to create incident timelines.
- Experience in cloud-based infrastructure including Microsoft Azure and Office 365, Amazon AWS, and Google Cloud.
- Excellent client-facing skills. Able to communicate at all levels, adapting the style of communication to meet the needs of the audience.
- An excellent attitude and the willingness to learn and study for certifications.
- Solid understanding and experience of dealing with network architecture, web applications and associated devices.
- Ability to effectively plan and coordinate projects.
- Excellent written and verbal communication skills.
- Demonstrate a high level of accuracy and attention to detail.
- Demonstrate a flexible approach to work and a high level of self-motivation.
- Ability to exercise discretion and confidentiality.
- Previous exposure to enterprise-scale infrastructure and technology stacks.
- Experience in analysing packet captures and NetFlow logs from monitoring devices, typically using Wireshark.
- SANS or CREST accreditation.
This role will require security clearance to SC level. Please advise if you already hold it; otherwise, we will need to carry out vetting.
Apply for this job by completing the form and uploading your CV.