Incident Response:
Lead the investigation of cyber security incidents and threats. Understand and track malware and threat actor movements and behaviour on individual devices and across networks. Interact with external stakeholders and leadership teams as part of the response and remediation efforts. Improve the detection, escalation, containment, and resolution of incidents. Enhance existing incident response methods, tools, and processes. Maintain knowledge of technologies and the threat landscape. Assist outside core business hours during an emergency, critical, or large-scale incident. Analyse collected artifacts in order to determine timelines and process and threat actor actions. Work with the Threat Intelligence team to integrate findings into our Threat Intelligence database. Mentor junior team members.
Investigation Analysis and Consultation:
Understand the organization's and our customers' missions, values, operations, goals, risks, and risk tolerance. Maintain situational awareness of cyber threats across the organization and drive the appropriate or commensurate response activities, where necessary. Understand and connect threats to the risks of the organization to provide appropriate capabilities and services. Provide consultative advice and coaching to cybersecurity customers to help them make informed risk management decisions.
Customer Engagement:
Present and communicate findings, recommendations, and status updates of active investigations. Assist teams (internally and externally) in various security and privacy risk mitigation activities. Provide Incident Response Readiness Assessments of clients' Incident Response Plans and Playbooks. Provide Executive/Board level training in Cyber Security and Incident Response. Facilitate Cyber Incident Exercising with clients.