Cyber Incident Response Consultant (DFIR / Security) - £40-70k
You will be working for the Incident Response arm of a major Systems Integrator based in the heart of London, dealing with Cyber Security incidents of their clients, mainly focussed on the UK (in particular, the South-East) with very occasional European travel.
Ideally, you will come from a Cyber Incident Response or L3/L4 SOC Analyst background and, as one of their first responders to incidents, you will be the person responsible for keeping the client calm whilst assessing the situation, using your technical skills to determine the scope of the task at hand and whether additional help is needed. These cyber-attacks can range from low-level trojans, phishing attacks and ransomware all the way up to sophisticated and targeted APT-style attacks involving nation-state actors, so a technical appreciation of network and network security infrastructure, in addition to threat intelligence, is needed. Being able to think about how an attacker may operate (including having any offensive security / CREST certifications) would also be beneficial. Although this is a client-facing role, individuals from an end user background will most definitely be considered depending on the level of their technical ability, communication skills and internal stakeholder engagement (especially those from a Public Sector/MoD/Government background).
Outside of technical investigations, there is a proactive view of incident response, so you may be required to run through incident response procedures/policies or simulated exercises with a client in order to prevent future attacks, perform gap analyses etc. Additionally, whilst you're not on client site you have the opportunity to expand your knowledge through training courses and certifications, writing whitepapers and research, or even just attending conferences as far-flung as Black Hat in Vegas.
This role is particularly rare in that, as they are looking to grow their pre-existing EMEA practice, you will have the opportunity to work with their Senior Leadership team to establish functions and knowledge sharing capabilities with their other European teams.
Skills I'll be looking out for are: Cyber Incident Response (CSIRT/CERT), SOC Incident Handling / Investigations, Network Forensics, Windows Forensics, Mobile Device Forensics, Threat Hunting, Threat Intelligence (Consumption & Production), Malware Analysis (Static & Dynamic) inclusive of reverse engineering in addition to general client-facing/soft-skill abilities.
If you feel this role would be of interest to you, do feel free to send me an email at 'a.fernandes[att]computerfutures[dot]com' with an up-to-date version of your CV and a good time that we may speak. Alternatively, I am available by phone on 0-2-0-7-9-0-7-3-8-3-8 or on LinkedIn (Andrew Fernandes, Computer Futures). I'm back in the office on Tuesday 6th June and usually available from 09:00-19:00 but can make myself available outside of this to suit your schedule.
If you know anyone that might be interested in the role, don't be afraid to point them in my direction; we're currently offering £200 of John Lewis vouchers to anyone who refers someone that later gets a job through us!
Sthree UK is acting as an Employment Agency in relation to this vacancy.