Forensics & Incident Response Analyst – (Cyber Security)@Finesse Global posted 3 weeks ago
The Forensics & Incident Response Analyst will work to address security incidents, hunt down security risks or incidents within the environment, and act as a supporting team member in Cyber Security. This position requires a thorough understanding of technology, tools, policies, and standards related to security systems and incident response. The incumbent must be competent to work at a high technical level of digital forensic, security incident response, and malware analysis, capable of identifying vectors of threats and security incidents, able to remediate or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process.
Main Duties and Responsibilities
- Investigate, coordinate, bring to resolution, and report on security incidents as they are escalated or identified
- Forensically analyze end-user systems and servers found to have possible indicators of compromise
- Analyze artifacts collected during a security incident or forensic investigation
- Interface and communicate with server owners, system custodians, and IT contacts to pursue security incident response activities, including obtaining access to systems, digital artifact collection, and containment and/or remediation actions
- Experience with enterprise cloud infrastructures such as Amazon Web Services, Office 365, and Azure
- Provide consultation and assessment on preserved security threats
- Maintain, manage, improve, and update security incident process and protocol documentation
- Regularly provide reporting and metrics on casework
- Deep understanding of security threats, vulnerabilities, and incident response
- Understanding of electronic investigation, forensic tools, and methodologies, including log correlation and analysis, forensically handling electronic data, knowledge of computer security investigative processes, malware identification and analysis
- Have a basic understanding of the legal considerations surrounding electronic discovery and analysis
- Experience with SIEM technologies (e.g. Splunk)
- Deep experience with most common operating systems (Windows, macOS, Linux, iOS, Android) and their file systems (ext3/4, HFS+, APFS, NTFS, exFAT, etc.).
- Proficiency with industry-standard forensic toolsets (e.g. X-Ways, EnCase, Axiom/IEF, Cellebrite/UFED, and FTK).
- Experience with conducting log analysis of various types of logs, including Windows Event Logs, Apache, IIS, and firewall logs.
- Threat hunting within the organization to continuously look for vulnerabilities
- Work with various teams to fix the vulnerabilities
Knowledge, Skills, and Experience requirements:
- Demonstrated integrity in a professional environment
- Knowledgeable in business industry-standard security incident response process, procedures, and life-cycle
- Excellent teaming skills
- Good social, communication and writing skills
Qualifications, Certifications, and Education requirements:
- Candidates must hold or be willing to pursue related professional certifications such as GCFE, GCFA, GCIH, CISM, or CISSP
Job Type: Contract
Contract length: 12 months
Salary: AED18,000.00 – AED25,000.00 per month
Experience:
- Forensic: 3 years (Required)
- Cyber Security: 3 years (Required)