Forensics & Incident Response Analyst – (Cyber Security)

@Finesse Global posted 3 weeks ago

Job Description

Role Purpose

The Forensics & Incident Response Analyst will work to address security incidents, hunt down security risks or incidents within the environment, and act as a supporting team member in Cyber Security. This position requires a thorough understanding of technology, tools, policies, and standards related to security systems and incident response. The incumbent must be competent to work at a high technical level of digital forensic, security incident response, and malware analysis, capable of identifying vectors of threats and security incidents, able to remediate or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process.
Main Duties and Responsibilities

  • Investigate, coordinate, bring to resolution, and report on security incidents as they are escalated or identified
  • Forensically analyze end-user systems and servers found to have possible indicators of compromise
  • Analysis of artifacts collected during a security incident/forensic analysis
  • Interface and communicate with server owners, system custodians, and IT contacts to pursue security incident response activities, including obtaining access to systems, digital artifact collection, and containment and/or remediation actions
  • Experience with enterprise cloud infrastructures such as Amazon Web Services, Office 365, and Azure
  • Provide consultation and assessment on preserved security threats
  • Maintain, manage, improve, and update security incident process and protocol documentation
  • Regularly provide reporting and metrics on casework
  • Deep understanding of security threats, vulnerabilities, and incident response
  • Understanding of electronic investigation, forensic tools, and methodologies, including log correlation and analysis, forensically handling electronic data, knowledge of computer security investigative processes, malware identification and analysis
  • Be familiar with a basic understanding of legalities surrounding electronic discovery and analysis
  • Experience with SIEM technologies (i.e. Splunk)
  • Deep experience with most common operating systems (Windows, macOS, Linux, iOS, Android) and their file systems (ext3/4, HFS+, APFS, NTFS, exFAT, etc.).
  • Proficiency with industry-standard forensic toolsets (i.e. X-Ways, EnCase, Axiom/IEF, Cellebrite/UFED, and FTK).
  • Experience with conducting log analysis of various types of logs, including Windows Event Logs, Apache, IIS, and firewall logs.
  • Threat hunting within the organization to continuously look for venerability’s
  • Work with various teams to fix the venerability’s

Knowledge, skills, and Experience requirements:

  • Demonstrated integrity in a professional environment
  • Knowledgeable in business industry-standard security incident response process, procedures, and life-cycle
  • Excellent teaming skills
  • Good social, communication and writing skills

Qualifications, Certifications, and Education requirements:

  • Candidates must hold or be willing to pursue related professional certifications such as GCFE, GCFA, GCIH, CISM, or CISSP

Job Type: Contract
Contract length: 12 months

Salary: AED18,000.00 – AED25,000.00 per month

Experience:

  • Forensic: 3 years (Required)
  • Cyber Security: 3 years (Required)

Related Jobs