Senior Cyber Incident Response Analyst

Full Job Description

About Integrity360

Integrity360 is an the largest independent cybersecurity provider in UK&I, with Security Operations Centers in Dublin & Sofia, employing 310+ employees, of which over 80% are technical. We help our clients proactively identify, protect, detect and respond to threats against the ever-evolving threat landscape. Our security first approach positions security as an enabler and empowers our clients to do business securely.

You would be joining Integrity360 at an immensely exciting time. In June 2021 the company received a strategic investment from August Equity (one of the UK’s most successful mid-market private equity firms). Our intention is to grow Integrity360 into the leading cyber services and solutions provider in Europe. The market for cybersecurity services has never been stronger and is growing at an aggressive rate. Integrity360 is one of the most respected and established service providers in the industry and is well positioned to achieve a market leadership position over the coming years. We believe we have significant opportunities for growth especially over the next 36 months. With the right levels of energy, tenacity and skill, your opportunity for personal success and contribution to our overall aspirations is considerable.

Job Role & Responsibilities

The Senior Cyber Incident Response Analyst will work within established methodologies to perform a variety of Incident Response related activities for new and existing customers, to include responding to cyber incidents, proactively hunting for adversaries in customer networks, conducting detailed Intrusion analysis – host and network, malware reverse engineering, Digital forensics and Cyber Threat Intelligence services.

Proactive client services, such as compromise assessments and evaluating and recommending tools and technology for incident response are also in scope. Demonstration of a strong comprehension of malware, emerging threats and adversary TTPs will be critical to success.

Primary Duties/Responsibilities include:

• Key technical resource in support of Cyber Incident Response - Incident lifecycle management from identification through triage and containment.
• Assist with scoping prospective engagements
• Thorough understanding of enterprise security controls in Active Directory / Windows environments
• Strong network analysis and diagnosis skills
• Knowledge of Intrusion Detection Systems and methods of security hacking/penetration testing

Desired Skills

• Customer focus - have the ability to work directly with customers and demonstrate services delivered to customers in a face to face setting when required.
• You will have the capacity to multitask on several technical and operational issues simultaneously. Have a very good understanding of customer issues and you are able to empathise with customers as to their current situation.
• Ability to think through difficult issues and provide advice or when necessary
• A clear understanding of the ITIL processes
• Ability to work on assignments requiring sound judgement in resolving issues or in making recommendations;
• Initiative to drive all incidents to resolution, ensuring timely participation by all stakeholders;
• Without hesitation when required, escalate issues to upper management, to include C-Level managers, in accordance with prescribed procedures.
• Incident Management and Incident communication experience
• Experienced in meeting deadlines while following processes and procedures
• Capable of working with other teams that challenge your processes and procedures
• Understanding of ITIL, SANS, PCI DSS, ISO 27001 and ISO20000
• Logical thought mindset and experience developing reusable processes / data architectures.

Desired Technical Experience

• Host Intrusion Analysis
• Network Intrusion Analysis
• Familiarity with categories of Malware and Malware Reverse Engineering techniques
• Experience working with security tools for the purposes of detection, diagnosis, containment and remediation
• Extensive knowledge of Windows server systems.
• Experienced in creating and maintaining a security incident response plan (IRP).
• Windows (Endpoint and Server)
• Unix

Qualifications

Any of the following accreditations/creditations will be highly beneficial:

• SANS: Qualifications in Security Essentials (GSEC), Hacker Techniques & Incident Handling (GIH), Host (GCFE/GCFA) & Network (GNFA) Forensics, Malware Analysis (GREM) and any Digital Forensics specialisations.
• CREST certifications: Certified Incident Manager, Certified Host Intrusion Analyst, Certified Network Intrusion Analyst, Certified Malware Reverse Engineer, Practitioner Intrusion Analyst, Registered Intrusion Analyst
• Certified Ethical Hacker