Address
Form of workEviden is an Atos Group business with an annual revenue of circa 5 billion and a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 55,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come.
Job Description:
- Respond to cybersecurity incidents, conduct threat analysis/threat hunting as directed and address detected incidents for resolution.
- Use computer forensic tools to examine and analyse electronic media in suspected cyber -attack cases.
- Monitor, identify, analyse, and investigate all response activities related to cybersecurity incidents.
- Assist with security audits, risk analysis, network forensics, malware analysis and penetration testing.
- Document incident investigation findings in an easy-to-read format, with an emphasis on root cause analysis.
- Work with customer and advise on incident remediation.
- Investigate systems and networks logs to determine methods of attack, details of access gained, and potential depth and breadth of compromise.
- Identify and propose automated alerts for new and previously unknown threats.
- Coordinate with different teams across operations, threat intel, and engineering to iteratively improve security controls and detection capabilities.
- Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and DNS logs.
- Analyse data to detect active threats within the network using knowledge of the current threat landscape, threat actor techniques, and the internal network
- This role requires being available on call during weekends and off hours.
Must have skills:
- Strong understanding of security incident management, and vulnerability management processes
- Expertise in performing forensic analysis on using a variety of commercial and open-source forensic tools such as FTK, EnCase, Write Blockers etc.
- Windows & Linux system's events and logs understanding.
- Expertise in network, host, and cloud-based analysis and investigation
- Demonstrated expertise in cloud security, telemetry, and attack techniques
- Demonstrated experience planning and executing incident response activities
- Proficient with security event information and event management (SIEM) tools including dashboard configuration
- High degree of knowledge of Microsoft, LINUX, and other common business operating systems and common software
- Perform monitoring and incident response of cyber security events as part of a highly available Security Operation Center (SOC)
- Proficient with scripting languages such as Python or PowerShell
- Experience with exploratory data analysis and/or machine learning
- Proficiency in identifying cyber-attack campaigns
- Excellent written and verbal communication skills
Preferable certifications: CHFI OSCP GCFA/GCIH eCMAP FTK Examiner
#LI-US
Let's grow together.
